Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

help can't remove malware please can someone take a look

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

help can't remove malware please can someone take a look

Unread postby jemma_79 » December 25th, 2007, 11:29 pm

viewtopic.php?f=12&t=25164

i have been in hospital my 10 days to reply to my previous topic had expired above is the link plus i enclose a virustotal log and hijack this log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:31, on 24/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\DOCUME~1\user\LOCALS~1\Temp\~nsu.tmp\Au_.exe
C:\Program Files\hijack.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C1FE956-4C46-4B88-BAEC-4F257DF18246}: NameServer = 85.255.115.30,85.255.112.184
O17 - HKLM\System\CCS\Services\Tcpip\..\{647F5272-D95B-488F-8A55-4BD1EAA7EBFE}: NameServer = 85.255.115.30,85.255.112.184
O17 - HKLM\System\CCS\Services\Tcpip\..\{A369CF6C-66E8-496B-B94E-50065D139744}: NameServer = 85.255.115.30,85.255.112.184
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.30 85.255.112.184
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.30 85.255.112.184
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.30 85.255.112.184
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 9604 bytes


Antivirus Version Last Update Result
AhnLab-V3 2007.12.21.10 2007.12.20 -
AntiVir 7.6.0.46 2007.12.20 -
Authentium 4.93.8 2007.12.20 -
Avast 4.7.1098.0 2007.12.20 -
AVG 7.5.0.503 2007.12.19 -
BitDefender 7.2 2007.12.20 -
CAT-QuickHeal 9.00 2007.12.19 -
ClamAV 0.91.2 2007.12.20 -
DrWeb 4.44.0.09170 2007.12.20 -
eSafe 7.0.15.0 2007.12.19 -
eTrust-Vet 31.3.5390 2007.12.20 -
Ewido 4.0 2007.12.20 -
FileAdvisor 1 2007.12.20 -
Fortinet 3.14.0.0 2007.12.20 -
F-Prot 4.4.2.54 2007.12.20 -
F-Secure 6.70.13030.0 2007.12.20 -
Ikarus T3.1.1.15 2007.12.20 -
Kaspersky 7.0.0.125 2007.12.20 -
McAfee 5189 2007.12.19 -
Microsoft 1.3109 2007.12.20 -
NOD32v2 2737 2007.12.20 -
Norman 5.80.02 2007.12.20 -
Panda 9.0.0.4 2007.12.20 -
Prevx1 V2 2007.12.20 -
Rising 20.23.32.00 2007.12.20 -
Sophos 4.24.0 2007.12.20 -
Sunbelt 2.2.907.0 2007.12.20 -
Symantec 10 2007.12.20 -
TheHacker 6.2.9.165 2007.12.19 -
VBA32 3.12.2.5 2007.12.20 -
VirusBuster 4.3.26:9 2007.12.19 -
Webwasher-Gateway 6.6.2 2007.12.20 -
Additional information
File size: 1536 bytes
MD5: 414d5e22b47023f582fa92cfab3f803f
SHA1: 752ac072568d8a7875a3349b341583dfad9acba3
PEiD: -


ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.


VirusTotal © Hispasec Sistemas - Blog - Contact: info@virustotal.com
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm
Advertisement
Register to Remove

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 1st, 2008, 7:42 pm

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens.

Please reply to this thread, do not start another.
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.

As I am still on training, everything that I post to you, must be checked by one of the teachers. Thus, there may be a tiny bit of a delay between posts, but it shouldn't be too long.

If you follow these instructions, everything should go smoothly.

we are currently looking at your log now and will be back as soon as possible with your instructions.
while you are waiting one other thing that can be of good use is an uninstall list so please do the following

Make an uninstall list using HijackThis
To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.
5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in your next reply.


Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 2nd, 2008, 2:39 pm

hello

Please read all instructions first so you understand what is going to be needed

here is a list of tools I would like you to download, save these tools to your desktop to use later
these tools are updated all the time if you already have a copy of these tools please uninstall the old copy and download the new ones


WAREOUT

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

After you have downloaded fixwareout from above

Save it to your desktop and run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish. The fix will begin;
follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

At the end of the fix, you may need to restart your computer again.

Post back the contents of the logfile C:\fixwareout\report.txt.

Now lets check some settings on your system.
(2000/XP) Only
In the windows control panel. If you are using Windows XP's Category View, select the Network and Internet Connections category otherwise double click on Network Connections. Then right click on your default connection, usually local area connection for cable and dsl, and left click on properties. Click the Networking tab. Double-click on the Internet Protocol (TCP/IP) item and select the radio dial that says Obtain DNS servers automatically
Press OK twice to get out of the properties screen and reboot if it asks.
That option might not be avaiable on some systems.

Next we need to
FLUSHDNS

Go start run type cmd and hit OK
type
ipconfig /flushdns
then hit enter, type exit hit enter
(that space between g and / is needed)

If you now cannot access the internet, please follow these steps in Green:
  • Select Start->Control Panel->Network Connections
  • Right click your default connection, usually Local Area Connection (or Dial-up Connection if you are using dial-up) and select Properties
  • Under This connection uses the following items, select Internet Protocol (TCP/IP) item and press the Properties button
  • Select the radio button that says Use the following DNS server addresses:
  • Then enter the following IP addresses into the Preferred and Alternate IP address boxes: 208.67.222.222 and 208.67.220.220
  • Then click OK twice

:SmitfraudFix:

after you have downloaded SmitfraudFix (by S!Ri)

Double-click SmitfraudFix.exe.
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm


:Combofix:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

*Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall




send me the logs from
fixwareout
smitfraudfix
combofix
new hijackthislog



gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 2nd, 2008, 10:00 pm

2X-Office 7.72
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player ActiveX
Adobe Reader 8.1.0
Adobe Shockwave Player
Adobe® Photoshop® Album Starter Edition 3.0
AOL You've Got Pictures Screensaver
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
ebgcInfra
ebgcRes
ebgcSDK
EnglishHarbourCasino
EPSON Attach To Email
EPSON Easy Photo Print
EPSON File Manager
EPSON Printer Software
EPSON Scan Assistant
EPSON Web-To-Page
ESPR240 User's Guide
Hardwood Spades
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
iKeyWorks 7.72
InterActual Player
Java(TM) 6 Update 3
Learn2 Player (Uninstall Only)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Nero 6 Ultra Edition
NVIDIA Drivers
RealPlayer
Realtek High Definition Audio Driver
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB944653)
Trend Micro Internet Security
Ultra soft
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
VideoCAM Messenger
Viewpoint Media Player
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885295
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Wireless LAN Utility
ZoneAlarm
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 2nd, 2008, 10:19 pm

below are the 4 logs that were produced thankyou
Username "user" - 03/01/2008 2:09:02 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdvbl.exe"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.115.30 85.255.112.184" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{5C1FE956-4C46-4B88-BAEC-4F257DF18246}
"nameserver"="85.255.115.30,85.255.112.184" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{647F5272-D95B-488F-8A55-4BD1EAA7EBFE}
"nameserver"="85.255.115.30,85.255.112.184" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{A369CF6C-66E8-496B-B94E-50065D139744}
"nameserver"="85.255.115.30,85.255.112.184" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{647F5272-D95B-488F-8A55-4BD1EAA7EBFE}
"DhcpNameServer"="85.255.115.30,85.255.112.184" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D1441099-C6CA-448E-ABFE-7E4BFF7D7605}
"DhcpNameServer"="85.255.115.30,85.255.112.184" <Value cleared.

Successfully flushed the DNS Resolver Cache.


System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Other
C:\WINDOWS\TEMP\kdvbl.ren 73741 13/06/2007

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"TI WLAN"="C:\\Program Files\\Wireless LAN Utility\\TIWLANCu.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb10.exe"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"EPSON Stylus Photo R240 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIAHE.EXE /P30 \"EPSON Stylus Photo R240 Series\" /O6 \"USB001\" /M \"Stylus Photo R240\""
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"iKeyWorks"="C:\\PROGRA~1\\A4Tech\\Keyboard\\Ikeymain.exe"
"WheelMouse"="C:\\Program Files\\A4Tech\\Mouse\\Amoumain.exe"
"snpstd"="C:\\WINDOWS\\vsnpstd.exe"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"UfSeAgnt.exe"="\"C:\\Program Files\\Trend Micro\\Internet Security\\UfSeAgnt.exe\""
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"AdobeUpdater"="C:\\Program Files\\Common Files\\Adobe\\Updater5\\AdobeUpdater.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~


SmitFraudFix v2.274

Scan done at 2:32:42.15, 03/01/2008
Run from C:\Documents and Settings\user\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\user\Desktop\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: 802.11g Wireless PCI Card - Packet Scheduler Miniport
DNS Server Search Order: 192.168.2.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5C1FE956-4C46-4B88-BAEC-4F257DF18246}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5C1FE956-4C46-4B88-BAEC-4F257DF18246}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5C1FE956-4C46-4B88-BAEC-4F257DF18246}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

ComboFix 08-01-03.4 - user 2008-01-03 2:37:55.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.590 [GMT 0:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\user\Application Data\ultra
C:\Documents and Settings\user\Application Data\ultra\uninstall.bat
C:\WINDOWS\inf\ultra.inf

.
((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 )))))))))))))))))))))))))))))))
.

2008-01-03 02:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-03 02:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-03 02:32 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-03 02:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-03 02:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-03 02:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-31 21:26 . 2007-12-31 21:26 <DIR> d-------- C:\Program Files\Java
2007-12-31 21:26 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-26 10:52 . 2008-01-03 02:41 2,060,320 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-26 10:52 . 2008-01-03 02:10 24,620 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-26 10:44 . 2007-12-26 10:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-12-24 09:44 . 2007-12-24 09:44 <DIR> d-------- C:\Program Files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-03 02:33 3,816 ----a-w C:\WINDOWS\system32\tmp.reg
2007-12-24 10:22 9,605 ----a-w C:\Program Files\hijackthis.log
2007-12-20 14:24 --------- d-----w C:\Program Files\Google
2007-12-12 01:23 --------- d-----w C:\Program Files\Windows Live
2007-11-21 21:10 --------- d-----w C:\Program Files\Driving Test Success Plus
2007-11-21 12:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-21 12:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-15 14:51 --------- d-----w C:\Documents and Settings\user\Application Data\PlayFirst
2007-11-14 16:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2007-11-14 16:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-11 20:10 --------- d-----w C:\Program Files\SmitfraudFix
2007-11-09 13:46 401,720 ----a-w C:\Program Files\hijack.exe
2007-11-08 02:36 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-08 02:36 --------- d-----w C:\Program Files\Trend Micro
2007-11-08 02:36 --------- d-----w C:\Program Files\SilverCreekCommonFiles
2007-11-08 02:36 --------- d-----w C:\Program Files\MSXML 4.0
2007-11-08 02:36 --------- d-----w C:\Program Files\Common Files\xing shared
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\user\Application Data\AOL
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2007-11-08 02:35 --------- d-----w C:\Program Files\Common Files\AOL
2007-11-08 02:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trend Micro
2007-11-07 23:13 --------- d-----w C:\Program Files\MSN Messenger
2007-11-07 19:55 67,777 ----a-w C:\Program Files\log malware.txt
2007-11-07 16:23 --------- d-----w C:\Documents and Settings\user\Application Data\LimeWire
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-07-17 01:51 123,461 ----a-w C:\Program Files\Common Files\Hewlett-Packard.zip
2007-07-05 00:27 1,708,148 ----a-w C:\Documents and Settings\All Users\Documents.zip
2007-06-06 02:21 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-05-08 11:08 31,248 ----a-w C:\Program Files\tmpreflt.sys
2007-05-08 11:08 252,128 ----a-w C:\Program Files\Tmfilter.sys
2007-05-08 11:08 197,648 ----a-w C:\Program Files\tmxpflt.sys
2007-05-08 11:08 1,051,456 ----a-w C:\Program Files\VsapiNT.sys
2007-03-23 12:57 132 ----a-w C:\Documents and Settings\user\Application Data\wklnhst.dat
2004-06-22 08:04 94,438 ------w C:\Program Files\hposcu08.inf
2004-06-22 08:04 9,777 ------w C:\Program Files\hpzipr13.inf
2004-06-22 08:04 9,773 ------w C:\Program Files\hpousc08.inf
2004-06-22 08:04 70,656 ------w C:\Program Files\msvcirt.dll
2004-06-22 08:04 7,579 ------w C:\Program Files\hpound08.inf
2004-06-22 08:04 66,431 ------w C:\Program Files\hpoprl04.dat
2004-06-22 08:04 65,420 ------w C:\Program Files\hpoprl05.dat
2004-06-22 08:04 65 ------w C:\Program Files\dxprl.dat
2004-06-22 08:04 6,704 ------w C:\Program Files\hpounp08.inf
2004-06-22 08:04 53,670 ------w C:\Program Files\hposcu08.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\hpzius13.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\HPZius12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzipr13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZipr12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzid413.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZid412.cat
2004-06-22 08:04 51,026 ------w C:\Program Files\HPOunp08.cat
2004-06-22 08:04 50,615 ------w C:\Program Files\hpzid412.inf
2004-06-22 08:04 5,538 ------w C:\Program Files\hpzist12.inf
2004-06-22 08:04 49,212 ------w C:\Program Files\hpzjvp01.dll
2004-06-22 08:04 458,752 ------w C:\Program Files\tls704d.dll
2004-06-22 08:04 447,400 ------w C:\Program Files\hpoprn08.cat
2004-06-22 08:04 442,425 ------w C:\Program Files\hpzjpp01.dll
2004-06-22 08:04 4,779 ------w C:\Program Files\hpoglu08.inf
2004-06-22 08:04 4,768 ------w C:\Program Files\hpoprl01.dat
2004-06-22 08:04 4,144 ------w C:\Program Files\hpousb08.inf
2004-06-22 08:04 4,132 ------w C:\Program Files\hpzist13.inf
2004-06-22 08:04 4,014 ------w C:\Program Files\hpoprl08.dat
2004-06-22 08:04 399 ------w C:\Program Files\hpzprl01.dat
2004-06-22 08:04 314 ------w C:\Program Files\hpqprl01.dat
2004-06-22 08:04 3,448 ------w C:\Program Files\hpohub08.inf
2004-06-22 08:04 297 ------w C:\Program Files\Readme.html
2004-06-22 08:04 290,873 ------w C:\Program Files\hpzjut01.dll
2004-06-22 08:04 28,722 ------w C:\Program Files\hpzjlog.dll
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzglu10.exe
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzc3212.dll
2004-06-22 08:04 26,768 ------w C:\Program Files\usbhub.sys
2004-06-22 08:04 254,005 ------w C:\Program Files\msvcrt.dll
2004-06-22 08:04 22,636 ------w C:\Program Files\hpzid413.inf
2004-06-22 08:04 22,608 ------w C:\Program Files\usbprint.sys
2004-06-22 08:04 205 ------w C:\Program Files\hpzprl02.dat
2004-06-22 08:04 200,704 ------w C:\Program Files\hpzpnp10.dll
2004-06-22 08:04 20,168 ------w C:\Program Files\hpzius12.inf
2004-06-22 08:04 2,542 ------w C:\Program Files\hpoprl02.dat
2004-06-22 08:04 19,578 ------w C:\Program Files\hpoprl03.dat
2004-06-22 08:04 176,128 ------w C:\Program Files\hpzscr10.dll
2004-06-22 08:04 17,176 ------w C:\Program Files\hpomdl04.dat
2004-06-22 08:04 16,416 ------w C:\Program Files\HPZUCI12.DLL
2004-06-22 08:04 14,845 ------w C:\Program Files\hpoapd01.dat
2004-06-22 08:04 14,815 ------w C:\Program Files\hpzius13.inf
2004-06-22 08:04 137,124 ------w C:\Program Files\hpoprn08.inf
2004-06-22 08:04 12,922 ------w C:\Program Files\hpzipr12.inf
2004-06-22 08:04 12,288 ------w C:\Program Files\usbmon.dll
2004-06-22 08:04 1,980 ------w C:\Program Files\hpoprl07.dat
2004-06-22 08:04 1,479 ------w C:\Program Files\license.txt
2004-06-22 08:04 1,391 ------w C:\Program Files\readme.txt
2004-06-22 08:04 1,073,152 ------w C:\Program Files\Setup.exe
2004-03-17 17:13 1,028,368 ----a-w C:\Program Files\vbrun60sp6.exe
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052120070528\index.dat
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052820070529\index.dat
2007-05-29 20:49 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052920070530\index.dat
2007-05-30 19:12 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053020070531\index.dat
2007-05-31 19:38 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053120070601\index.dat
2007-06-02 18:05 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007060220070603\index.dat
.

((((((((((((((((((((((((((((( snapshot@2007-11-19_ 4.42.33.20 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-14 17:05:20 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2007-12-01 01:41:30 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-03-14 17:05:18 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2007-12-01 01:41:32 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-03-14 17:05:15 716,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2007-12-01 01:41:41 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-03-14 17:05:15 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2007-12-01 01:41:33 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-03-14 17:05:20 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2007-12-01 01:41:39 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
- 2007-03-14 17:05:21 299,008 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2007-12-01 01:41:36 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-03-14 17:05:19 1,290,240 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2007-12-01 01:41:39 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
- 2007-03-14 17:05:19 1,699,840 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2007-12-01 01:41:31 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-03-14 17:05:19 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2007-12-01 01:41:41 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-03-14 17:05:19 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2007-12-01 01:41:36 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-03-14 17:05:19 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2007-12-01 01:41:34 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-03-14 17:05:19 64,000 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2007-12-01 01:41:34 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2007-03-14 17:05:19 368,640 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2007-12-01 01:41:38 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-03-14 17:05:19 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2007-12-01 01:41:42 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-03-14 17:05:19 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2007-12-01 01:41:37 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-03-14 17:05:19 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-12-01 01:41:34 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-03-14 17:05:19 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2007-12-01 01:41:35 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-03-14 17:05:19 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2007-12-01 01:41:40 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-03-14 17:05:20 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2007-12-01 01:41:30 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-03-14 17:05:20 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2007-12-01 01:41:33 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-03-14 17:05:20 569,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2007-12-01 01:41:32 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-03-14 17:05:19 1,245,184 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-12-02 01:41:55 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-03-14 17:05:20 2,039,808 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2007-12-01 01:41:35 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-03-14 17:05:20 1,335,296 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.Xml.dll
+ 2007-12-01 01:41:38 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
- 2007-03-14 17:05:19 1,216,512 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2007-12-02 01:41:56 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2007-12-02 01:42:14 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_6c209483\CustomMarshalers.dll
+ 2007-12-02 16:54:55 118,784 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_f7a7aba3\CustomMarshalers.dll
+ 2007-12-02 16:54:44 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_16ca7b18\mscorlib.dll
+ 2007-12-02 16:55:22 8,908,800 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_99a39f3d\mscorlib.dll
+ 2007-12-02 16:54:29 1,470,464 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5708714f\System.Design.dll
+ 2007-12-02 16:55:13 3,395,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5c7f198d\System.Design.dll
+ 2007-12-02 16:54:56 192,512 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c2d6acd3\System.Drawing.Design.dll
+ 2007-12-02 16:53:48 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_d1db38dd\System.Drawing.Design.dll
+ 2007-12-02 16:55:16 2,244,608 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_89ff1021\System.Drawing.dll
+ 2007-12-02 16:54:40 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b927e05c\System.Drawing.dll
+ 2007-12-02 16:55:02 7,884,800 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_65edacf6\System.Windows.Forms.dll
+ 2007-12-02 16:54:06 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_ea3eb20a\System.Windows.Forms.dll
+ 2007-12-02 16:54:15 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3f39ad99\System.Xml.dll
+ 2007-12-02 16:55:09 5,513,216 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_6779a1f5\System.Xml.dll
+ 2007-12-02 01:42:07 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_48c82c80\System.dll
+ 2007-12-02 16:54:54 4,788,224 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_f7edce58\System.dll
+ 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 10:04:34 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 10:04:34 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 10:04:39 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 10:04:41 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 10:04:41 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 10:04:41 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 10:04:42 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 10:04:42 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 10:04:43 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
- 2007-11-16 07:28:11 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-12-13 03:04:38 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-11-16 07:28:11 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-12-13 03:04:38 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-11-16 07:28:11 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-12-13 03:04:38 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-11-16 07:28:11 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-12-13 03:04:38 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-11-16 07:28:11 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-12-13 03:04:38 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-11-16 07:28:11 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-12-13 03:04:38 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-11-16 07:28:12 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-12-13 03:04:38 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-11-16 07:28:12 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-12-13 03:04:38 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-11-16 07:28:11 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-12-13 03:04:38 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-11-16 07:28:11 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-12-13 03:04:38 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-11-16 07:28:12 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-12-13 03:04:38 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-11-16 07:28:11 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2007-12-13 03:04:38 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-11-16 07:28:11 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-12-13 03:04:38 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2003-02-20 19:19:32 253,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 21:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2003-02-20 19:19:34 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 01:49:18 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
- 2003-02-20 19:19:38 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-15 01:49:26 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2003-02-20 19:19:36 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 21:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 19:09:08 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 20:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-21 10:20:44 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 11:23:28 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
- 2003-02-21 10:21:00 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2004-07-15 11:23:44 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
- 2003-02-20 19:06:20 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2004-07-15 00:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-10-08 14:30:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
- 2003-02-21 07:24:38 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2004-07-15 14:31:00 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
- 2003-02-21 07:24:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2004-07-15 14:31:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
- 2003-02-20 19:09:40 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-15 00:35:30 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
- 2003-02-21 07:26:36 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 14:28:58 720,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
- 2003-02-21 07:26:38 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 14:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
- 2003-02-21 07:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2004-07-15 14:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
- 2003-02-21 07:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 14:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-20 19:09:12 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 00:32:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
- 2003-02-20 19:09:12 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 00:32:46 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
- 2003-02-20 19:09:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 20:57:58 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2003-02-20 19:06:32 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 20:56:30 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2003-02-20 19:09:16 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 20:58:00 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2003-02-21 07:26:34 2,088,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 20:50:46 2,142,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 19:09:18 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2004-07-15 00:33:22 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
- 2003-02-20 19:09:18 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2004-07-15 00:33:24 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
- 2003-02-20 19:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 20:58:02 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2003-02-20 19:07:34 2,494,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 20:57:00 2,523,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2003-02-20 19:08:32 2,482,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 20:57:28 2,514,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-01-15 16:11:26 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
- 2003-02-20 19:09:30 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2004-07-15 00:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
- 2003-02-21 07:26:46 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 14:28:48 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 01:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_aspnet_isapi.dll
+ 2004-07-15 00:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_CORPerfMonExt.dll
+ 2004-07-15 00:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_fusion.dll
+ 2004-07-15 00:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorjit.dll
+ 2004-07-15 14:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorlib.dll
+ 2003-02-20 19:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorsn.dll
+ 2004-07-15 00:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorsvr.dll
+ 2004-07-15 00:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorwks.dll
+ 2003-02-21 04:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_msvcr71.dll
+ 2004-07-15 00:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_PerfCounter.dll
- 2003-02-20 19:09:34 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-07-15 00:35:04 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
- 2003-02-21 07:26:38 1,290,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2004-07-15 14:32:00 1,294,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
- 2003-02-21 07:25:42 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-15 14:31:14 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
- 2003-02-21 07:26:42 1,699,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 14:29:02 1,703,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
- 2003-02-21 07:26:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2004-07-15 14:28:54 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
- 2003-02-21 07:26:46 1,216,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 21:35:38 1,232,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2003-02-21 07:26:50 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 14:28:58 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
- 2003-02-21 07:26:50 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 14:28:56 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
- 2003-02-20 19:09:36 64,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2004-07-15 00:35:12 66,560 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
- 2003-02-21 07:26:52 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 14:31:58 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
- 2003-02-21 07:26:54 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 14:31:12 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
- 2003-02-21 07:26:56 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 14:28:58 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
- 2003-02-21 07:26:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 14:31:54 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 07:26:58 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 14:28:52 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2003-02-21 07:27:00 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 14:28:54 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
- 2003-02-21 07:27:02 1,245,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 21:35:46 1,265,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2003-02-21 07:27:06 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 14:28:58 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
- 2003-02-21 07:24:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 14:28:52 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
- 2003-02-21 07:27:06 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2004-07-15 14:31:16 573,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
- 2003-02-21 07:27:08 2,039,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2004-07-15 14:32:02 2,052,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
- 2003-02-21 07:27:10 1,335,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 14:29:00 1,339,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-06-22 13:51:38 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2003-02-21 10:20:38 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 11:23:20 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
- 2003-02-21 05:04:18 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 08:15:14 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
- 2003-02-20 20:10:40 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-07-15 02:11:56 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
- 2007-06-17 00:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 08:00:00 51,200 ----a-w C:\WINDOWS\NirCmd.exe
- 2007-08-20 10:04:34 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-10-10 23:55:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-08-20 10:04:34 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-10-10 23:55:51 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-20 10:04:34 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-20 10:04:34 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-10 23:55:51 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2007-10-10 23:55:51 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-08-17 10:20:54 63,488 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-08-20 10:04:35 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-08-17 07:34:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-10-10 05:46:55 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2007-10-10 23:55:52 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-10-10 23:55:54 6,065,664 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-08-20 10:04:38 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:55:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2007-10-10 23:55:55 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-08-17 10:21:21 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-10-10 10:59:52 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-20 10:04:39 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-10-10 23:55:56 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2007-10-10 23:55:56 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-08-20 10:04:41 3,584,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-20 10:04:41 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-08-20 10:04:41 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-10 23:55:58 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-20 10:04:42 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-10 23:55:59 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-08-20 10:04:42 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-10 23:55:59 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2007-08-20 10:04:42 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-10-10 23:55:59 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-20 10:04:42 1,152,000 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-08-20 10:04:42 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-10-10 23:56:00 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-20 10:04:43 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-10-10 23:56:00 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-10-18 20:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
+ 2007-10-27 17:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-07-19 15:10:28 127,768 ----a-w C:\WINDOWS\system32\drivers\klif.sys
- 2007-08-20 10:04:34 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-20 10:04:34 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-10 23:55:51 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2007-08-20 10:04:34 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2007-10-10 23:55:51 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-08-17 10:20:54 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-08-20 10:04:35 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-08-17 07:34:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-10-10 05:46:55 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-08-20 10:04:35 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-10-10 23:55:52 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-10-10 23:55:54 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-20 10:04:38 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-10-10 23:55:55 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-08-20 10:04:38 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-10-10 23:55:55 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-08-17 10:20:54 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-07-12 00:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2007-09-24 22:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-07-12 00:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2007-09-24 22:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-07-12 01:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2007-09-24 23:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-08-20 10:04:39 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-11-14 16:04:46 796,048 ----a-w C:\WINDOWS\system32\libeay32_0.9.6l.dll
- 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
- 2003-02-20 19:06:24 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2006-12-22 12:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2003-02-20 18:43:38 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2004-07-14 23:34:06 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2007-08-20 10:04:39 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-10-10 23:55:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-08-20 10:04:39 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-10-10 23:55:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-08-20 10:04:41 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-20 10:04:41 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-08-20 10:04:41 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-10-10 23:55:58 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2007-08-20 10:04:42 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-10-10 23:55:59 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2006-12-22 13:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
- 2007-08-20 10:04:42 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-10-10 23:55:59 102,400 ----a-w C:\WINDOWS\system32\occache.dll
- 2007-10-29 15:36:16 64,380 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-12-01 01:41:23 68,046 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-10-29 15:36:16 407,796 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-12-01 01:41:23 416,084 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-07-22 18:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 08:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2007-08-20 10:04:42 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-10-10 23:55:59 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-20 10:04:42 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-11-14 16:04:52 83,432 ----a-w C:\WINDOWS\system32\vsdata.dll
+ 2007-11-14 16:05:16 394,952 ----a-w C:\WINDOWS\system32\vsdatant.sys
+ 2007-11-14 16:04:52 157,160 ----a-w C:\WINDOWS\system32\vsinit.dll
+ 2007-11-14 16:04:52 103,912 ----a-w C:\WINDOWS\system32\vsmonapi.dll
+ 2007-11-14 16:04:52 275,944 ----a-w C:\WINDOWS\system32\vspubapi.dll
+ 2007-11-14 16:04:52 71,144 ----a-w C:\WINDOWS\system32\vsregexp.dll
+ 2007-11-14 16:04:54 472,552 ----a-w C:\WINDOWS\system32\vsutil.dll
+ 2007-11-14 16:04:54 46,568 ----a-w C:\WINDOWS\system32\vswmi.dll
+ 2007-11-14 16:04:54 99,816 ----a-w C:\WINDOWS\system32\vsxml.dll
- 2007-08-20 10:04:42 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-10-10 23:56:00 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-08-20 10:04:43 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-10 23:56:00 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-11-14 16:04:56 83,432 ----a-w C:\WINDOWS\system32\zlcomm.dll
+ 2007-11-14 16:04:56 71,144 ----a-w C:\WINDOWS\system32\zlcommdb.dll
- 2007-05-03 19:52:42 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2008-01-03 02:11:29 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2007-11-14 16:04:44 370,208 ----a-w C:\WINDOWS\system32\ZoneLabs\av.dll
+ 2007-05-31 00:03:30 65,248 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
+ 2006-06-30 14:47:36 21,568 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
+ 2007-05-31 00:03:16 77,824 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2007-05-31 00:03:16 110,592 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
+ 2007-05-31 00:03:16 331,776 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2007-05-31 00:03:16 38,400 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
+ 2007-07-19 15:10:32 110,360 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2kxp32\kl1.sys
+ 2007-07-19 15:10:32 186,128 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2kxp32\klif.sys
+ 2007-05-31 00:03:48 110,360 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\kl1.sys
+ 2007-07-19 15:10:28 127,768 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\klif.sys
+ 2007-05-31 00:03:50 45,056 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\regcat.exe
+ 2006-09-19 23:12:14 208,960 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
+ 2007-09-11 21:09:16 274,432 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
+ 2006-12-19 18:13:52 1,093,632 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
+ 2007-05-31 00:03:20 548,864 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
+ 2007-05-31 00:03:20 626,688 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
+ 2007-05-31 00:03:18 184,320 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
+ 2007-05-31 00:03:22 90,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
+ 2007-09-11 21:09:16 135,168 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
+ 2006-12-19 18:13:52 200,704 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
+ 2007-11-14 16:04:44 99,816 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd.dll
+ 2004-01-30 12:35:08 813,568 ----a-w C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
+ 2007-11-14 16:04:46 128,480 ----a-w C:\WINDOWS\system32\ZoneLabs\fbl.dll
+ 2007-11-14 16:04:46 38,376 ----a-w C:\WINDOWS\system32\ZoneLabs\featuremap.dll
+ 2007-11-14 16:04:46 321,016 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure.dll
+ 2007-11-14 16:05:18 288,144 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard.zip.dll
+ 2007-11-14 16:05:18 152,976 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\licenseui.zip.dll
+ 2007-11-14 16:05:18 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
+ 2007-11-14 16:05:18 1,361,296 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
+ 2007-11-14 16:05:20 71,056 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
+ 2007-11-14 16:06:34 30,184 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
+ 2007-11-14 16:06:36 30,216 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
+ 2007-10-18 20:18:38 714,208 ----a-w C:\WINDOWS\system32\ZoneLabs\qrbase.dll
+ 2007-10-18 20:18:38 787,936 ----a-w C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll
+ 2007-11-14 16:04:48 173,544 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler.dll
+ 2007-01-11 11:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2007-10-18 20:18:40 1,500,640 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.dll
+ 2007-10-18 20:18:44 51,176 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.sys
+ 2007-11-14 16:04:50 456,168 ----a-w C:\WINDOWS\system32\ZoneLabs\ssleay32.dll
+ 2007-11-14 16:06:36 214,528 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
+ 2007-11-14 16:06:36 3,266,040 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
+ 2006-09-04 20:59:14 503,875 ----a-w C:\WINDOWS\system32\ZoneLabs\upd_core.dll
+ 2007-10-11 16:50:32 832,984 ----a-w C:\WINDOWS\system32\ZoneLabs\updating.dll
+ 2007-11-14 16:05:06 144,936 ----a-w C:\WINDOWS\system32\ZoneLabs\updclient.exe
+ 2007-01-11 17:31:06 286,787 ----a-w C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll
+ 2007-11-14 16:04:52 108,008 ----a-w C:\WINDOWS\system32\ZoneLabs\vsavpro.dll
+ 2007-11-14 16:04:52 83,432 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb.dll
+ 2007-11-14 16:05:06 75,304 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe
+ 2007-11-14 16:04:52 2,029,032 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmondll.dll
+ 2007-11-14 16:04:54 1,361,384 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb.dll
+ 2007-11-14 16:04:54 239,080 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault.dll
+ 2007-01-11 11:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat
+ 2007-11-14 16:04:56 177,640 ----a-w C:\WINDOWS\system32\ZoneLabs\zlparser.dll
+ 2007-11-14 16:04:56 79,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
+ 2007-11-14 16:04:58 382,440 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre.dll
+ 2007-11-14 16:04:58 120,296 ----a-w C:\WINDOWS\system32\ZoneLabs\zlupdate.dll
+ 1998-02-06 21:37:32 299,520 ----a-w C:\WINDOWS\uninst.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 15:19 5728112]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00 15360]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 09:37 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 08:48 16208384 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 10:04 2879488 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-12 05:19 7626752]
"nwiz"="nwiz.exe" [2006-07-12 05:19 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 05:19 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [2007-03-22 17:54 1150976]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-22 08:05 172032]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46 57344]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 05:00 98304]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 08:21 65536]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-09-07 08:17 200704]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48 286720]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-28 22:08 185632]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2007-09-28 08:42 1393928]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 12:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]

R3 TNET1130;802.11 WLAN;C:\WINDOWS\system32\DRIVERS\TNET1130.sys [2004-12-01 18:35]
S0 twvxlvwr;twvxlvwr;C:\WINDOWS\system32\drivers\gwytwpdy.sys []
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys [2002-03-09 16:42]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm

.
Contents of the 'Scheduled Tasks' folder
"2008-01-03 01:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-01-02 07:34:15 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B5DE7115-B5F8-42C9-8237-2669F45FD293}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-03 02:41:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-03 2:42:34
ComboFix-quarantined-files.txt 2008-01-03 02:42:30
ComboFix2.txt 2007-11-19 04:43:07
ComboFix3.txt 2007-11-18 05:07:40
ComboFix4.txt 2007-11-15 21:17:16
.
2007-12-13 03:04:41 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:46:52, on 03/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/ ... 586-jc.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9355 bytes
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 4th, 2008, 9:35 am

Hello jemma_79

Have you installed some programs directly under Program Files and not in the default folder?



upload files to jotti

You seem to have a file I could not find any info on.
I need you to upload it to jotti so we can find out if it is bad.

Please upload a file for scanning:
Open http://virusscan.jotti.org/
Copy/paste this file and path into the white box at the top:
C:\Program Files\hpzglu10.exe

C:\Program Files\hijack.exe

C:\Program Files\log malware.txt

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.
do this one at a time for each line

Note: If Jotti is busy, you can use VirusTotal instead.

Copy the following line into the white textbox:
C:\Program Files\hpzglu10.exe

C:\Program Files\hijack.exe

C:\Program Files\log malware.txt

Click Send.
Please post the results of this scan to this thread.
do this one at a time for each line

P2P Warning!

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Limewire

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

References for the risk of these programs can be found in these links: http://www.microsoft.com/windows/ie/community/columns/protection.mspx
http://www.techweb.com/wire/160500554
http://www.internetworldstats.com/articles/art053.htm
See Clean/Infected P2P Programs here

I would recommend that you uninstall LimeWire,, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.


please send me the results from jotti


gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 4th, 2008, 3:37 pm

Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1
File to upload & scan: Virus

Service
Service load:
0% 100%
File: hpzglu10.exe
Status:
OK
MD5: b8dda7f88ac665bc8229533cf8e26a39
Packers detected:
-
Bit9 reports: No threat detected (more info)
Scanner results
Scan taken on 04 Jan 2008 18:53:21 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

© 2004-2008 Jordi Bosveld <jotti@jotti.org>

Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1
File to upload & scan: Virus

Service
Service load:
0% 100%
File: hijack.exe
Status:
OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: e8269245566be948f6a219135b434160
Packers detected:
PE_PATCH.UPX, UPX
Bit9 reports: No threat detected (more info)
Scanner results
Scan taken on 04 Jan 2008 18:59:25 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

© 2004-2008 Jordi Bosveld <jotti@jotti.org>


Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1
File to upload & scan: Virus

Service
Service load:
0% 100%
File: hijack.exe
Status:
OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: e8269245566be948f6a219135b434160
Packers detected:
PE_PATCH.UPX, UPX
Bit9 reports: No threat detected (more info)
Scanner results
Scan taken on 04 Jan 2008 18:59:25 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
2004-2008 Jordi Bosveld <jotti@jotti.org>
Antivirus Version Last Update Result
AhnLab-V3 2008.1.5.10 2008.01.04 -
AntiVir 7.6.0.46 2008.01.04 -
Authentium 4.93.8 2008.01.04 -
Avast 4.7.1098.0 2008.01.04 -
AVG 7.5.0.516 2008.01.04 -
BitDefender 7.2 2008.01.04 -
CAT-QuickHeal 9.00 2008.01.04 -
ClamAV 0.91.2 2008.01.04 -
DrWeb 4.44.0.09170 2008.01.04 -
eSafe 7.0.15.0 2008.01.03 -
eTrust-Vet 31.3.5430 2008.01.04 -
Ewido 4.0 2008.01.04 -
FileAdvisor 1 2008.01.04 -
Fortinet 3.14.0.0 2008.01.04 -
F-Prot 4.4.2.54 2008.01.04 -
F-Secure 6.70.13030.0 2008.01.04 -
Ikarus T3.1.1.15 2008.01.04 -
Kaspersky 7.0.0.125 2008.01.04 -
McAfee 5200 2008.01.04 -
Microsoft 1.3109 2008.01.04 -
NOD32v2 2765 2008.01.04 -
Norman 5.80.02 2008.01.04 -
Panda 9.0.0.4 2008.01.04 -
Prevx1 V2 2008.01.04 -
Rising 20.25.42.00 2008.01.04 -
Sophos 4.24.0 2008.01.04 -
Sunbelt 2.2.907.0 2008.01.04 -
Symantec 10 2008.01.04 -
TheHacker 6.2.9.180 2008.01.04 -
VBA32 3.12.2.5 2008.01.02 -
VirusBuster 4.3.26:9 2008.01.04 -
Webwasher-Gateway 6.6.2 2008.01.04 -
Additional information
File size: 270336 bytes
MD5: b8dda7f88ac665bc8229533cf8e26a39
SHA1: abab35a7ec0c1375ead104817b6f51afcd068c60
PEiD: Armadillo v1.71
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 5th, 2008, 6:31 pm

HELLO jemma_79

IT SEEMS THAT YOU SCANNED ONE OF THE FILES TWICE

this one you did twice C:\Program Files\hijack.exe

upload files to jotti

You seem to have a file I could not find any info on.
I need you to upload it to jotti so we can find out if it is bad.

Please upload a file for scanning:
Open http://virusscan.jotti.org/
Copy/paste this file and path into the white box at the top:
C:\Program Files\log malware.txt

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.
please do this for each line one at a time

Note: If Jotti is busy, you can use VirusTotal instead.

Copy the following line into the white textbox:
C:\Program Files\log malware.txt

Click Send.
Please post the results of this scan to this thread.



Before I have you do some more I need to ask you how the computer is doing, are you still not able to go into safe mode?, is the computer to slow?, are you having popups?
just give me an idea of how your computer is doing
also Have you installed some programs directly under Program Files and not in the default folder?

gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 7th, 2008, 5:25 pm

File log_malware.txt received on 01.07.2008 22:12:47 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/32 (0%)
Loading server information...
Your file is queued in position: 2.
Estimated start time is between 41 and 59 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
AhnLab-V3 2008.1.8.10 2008.01.07 -
AntiVir 7.6.0.46 2008.01.07 -
Authentium 4.93.8 2008.01.07 -
Avast 4.7.1098.0 2008.01.07 -
AVG 7.5.0.516 2008.01.07 -
BitDefender 7.2 2008.01.07 -
CAT-QuickHeal 9.00 2008.01.07 -
ClamAV 0.91.2 2008.01.07 -
DrWeb 4.44.0.09170 2008.01.07 -
eSafe 7.0.15.0 2008.01.06 -
eTrust-Vet 31.3.5438 2008.01.07 -
Ewido 4.0 2008.01.07 -
FileAdvisor 1 2008.01.07 -
Fortinet 3.14.0.0 2008.01.07 -
F-Prot 4.4.2.54 2008.01.07 -
F-Secure 6.70.13030.0 2008.01.07 -
Ikarus T3.1.1.15 2008.01.07 -
Kaspersky 7.0.0.125 2008.01.07 -
McAfee 5201 2008.01.07 -
Microsoft 1.3109 2008.01.07 -
NOD32v2 2772 2008.01.07 -
Norman 5.80.02 2008.01.07 -
Panda 9.0.0.4 2008.01.07 -
Prevx1 V2 2008.01.07 -
Rising 20.26.02.00 2008.01.07 -
Sophos 4.24.0 2008.01.07 -
Sunbelt 2.2.907.0 2008.01.05 -
Symantec 10 2008.01.07 -
TheHacker 6.2.9.183 2008.01.07 -
VBA32 3.12.2.5 2008.01.07 -
VirusBuster 4.3.26:9 2008.01.07 -
Webwasher-Gateway 6.6.2 2008.01.07 -
Additional information
File size: 67777 bytes
MD5: 7b52bf3948f01ea9ff36d93507b611f3
SHA1: 32366393eeff274cdd122bac23bd0534fac92fd3
PEiD: -


computer is running rather slow programs are taking alot longer to load
not too sure as to wether my partner has installed any programs direct also teenage daughter had access to the pc for a short time so unable to comment sorry
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 9th, 2008, 8:50 am

will be posting fix soon

Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 9th, 2008, 5:53 pm

HELLO jemma_79

you did not get the file scanned so please try one more time

upload files to jotti

You seem to have a file I could not find any info on.
I need you to upload it to jotti so we can find out if it is bad.

Please upload a file for scanning:
Open http://virusscan.jotti.org/
Copy/paste this file and path into the white box at the top:
C:\Program Files\log malware.txt

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.
please do this for each line one at a time

Note: If Jotti is busy, you can use VirusTotal instead.

Copy the following line into the white textbox:
C:\Program Files\log malware.txt

Click Send.
Please post the results of this scan to this thread.


I would like to see these logs posted in your next reply

C:\ComboFix2.txt
C:\ComboFix3.txt
C:\ComboFix4.txt
C:\ComboFix5.txt
  • double click my computer on your desktop (if it is not on your desktop you need to click on start and it will be on the right hand side click on it)
  • under Hard disk drives look for Local disk C: double click it
  • search for each of the files above and submit them to me
I have seen some of these but there are a couple you have not posted and I need to see them

there is some other things I want to see so run this script below

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

Code: Select all
DirLook:: 
C:\Program Files\Common Files\xing shared
C:\Program Files\SilverCreekCommonFiles


Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 11th, 2008, 4:35 pm

[quote="gringo_pr"]HELLO jemma_79

you did not get the file scanned so please try one more time

[color=blue][b][u]upload files to jotti[/u][/b][/color]

You seem to have a file I could not find any info on.
I need you to upload it to jotti so we can find out if it is bad.

Please upload a file for scanning:
Open http://virusscan.jotti.org/
Copy/paste this file and path into the white box at the top:
[quote]C:\Program Files\log malware.txt[/quote]
Press [b]Submit[/b] - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.
please do this for each line one at a time

Note: If Jotti is busy, you can use [url=http://www.virustotal.com/]VirusTotal[/url] instead.

Copy the following line into the white textbox:
[quote]C:\Program Files\log malware.txt[/quote]
Click Send.
Please post the results of this scan to this thread.


I would like to see these logs posted in your next reply

C:\ComboFix2.txt
C:\ComboFix3.txt
C:\ComboFix4.txt
C:\ComboFix5.txt
[list]
[*]double click my computer on your desktop (if it is not on your desktop you need to click on start and it will be on the right hand side click on it)
[*]under Hard disk drives look for Local disk C: double click it
[*]search for each of the files above and submit them to me[/list]
I have seen some of these but there are a couple you have not posted and I need to see them

there is some other things I want to see so run this script below

[color=blue][b][u]:Run CFScript:[/u][/b][/color]

Open [b]Notepad[/b] and copy/paste the text in the box into the window:

[code]
DirLook::
C:\Program Files\Common Files\xing shared
C:\Program Files\SilverCreekCommonFiles
[/code]

[b]Save[/b] it to your [b]desktop[/b] as [b]CFScript.txt[/b]

Refering to the picture above, drag CFScript.txt into ComboFix.exe
[img]http://users.pandora.be/bluepatchy/miekiemoes/images/CFScript.gif[/img]
This will let [b]ComboFix[/b] run again.
[b]Restart[/b] if you have to.
Save the [b]produced logfile[/b] to your desktop.

[b]Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall[/b]

gringo[/quote]

Service load:
0% 100%
File: log_malware.txt
Status:
OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 7b52bf3948f01ea9ff36d93507b611f3
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 11 Jan 2008 19:59:36 (GMT)
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

hi above are the results of the jotti scan for file C:Program files\logmalware.txt
if it helps any this log is a adaware 2007 scan log the results of this are:
Scan Results
Ad-Aware 2007 Free Edition
Log File Created on:2007-11-0718:53:25
Using Definitions File:C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
Computer name:HOME2
Name of user performing scan:SYSTEM
Name of user ordering scan:user
Scan completed successfully

System Information
File Version Information
Ad-Aware 2007 Settings
Extended Ad-Aware 2007 Settings
Database Information
Scan Statistics
Scan Detailed Statistics
Infections Found
Listing of running processes
System Information
Number of processors:1
Processor type:AMD Sempron(tm) Processor 3000+
Memory Available:46%
Total Physical Memory:1005830144 Bytes
Available Physical Memory:457928704 Bytes
Total Page File Size:2427854848 Bytes
Available On Page File:1922347008 Bytes
Total Virtual Memory:2147352576 Bytes
Available Virtual Memory:1930981376 Bytes
OS:Microsoft Windows XP 5.1 (Build 2600)
[to top]
File Verion Information
File Version
CEAPI.dll 7, 0, 2, 3
aawservice.exe 7, 0, 2, 3
Ad-Aware2007.exe 7.0.2.3
[to top]
Ad-Aware 2007 Settings
Skipping files larger than:1048576 Bytes
Ignoring infections with lower TAI than:3
Safe Mode:False
[to top]
Extended Ad-Aware 2007 Settings
Unload malicious processes and modules
Unload Modules
Let Windows remove files at Start-Up
Deactivate Ad-Watch
Re-analyze Scan Result
Update Definitions on startup
Delete Restored Items
Write Protect System Files
Create Log file
Include basic settings
Include advanced settings
Include user and computer name
Environment information
Running processes
Running processes and modules
Include info about ignored objects in log file
Consider definitions File Outdated after x days
Proxy URL
Proxy Port
[to top]
Database Info
Version number:23
Build Number:0
Build Date and Time:2007/09/2408:39:16
[to top]
Scan Statistics
Method:Full

Items Scanned:225215
Infections Detected:8
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0
[to top]
Scan Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 3 3
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 1 1
Folder Scan 1 1
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 0 0
File Hash Scan 3 3
[to top]
Infections Found
Family Id Name Category TAI
1022 Win32.TrojanDownloader.NewMedia Malware 10
[41170] File: C:\WINDOWS\privacy_danger\images\capt.gif
[41169] File: C:\WINDOWS\privacy_danger\images\danger.jpg
[41172] File: C:\WINDOWS\privacy_danger\images\down.gif
[300021596] Root: HKU Path: S-1-5-21-57989841-1343024091-725345543-1004\software\microsoft\internet explorer\desktop\components\0 Value: FriendlyName Data: Privacy Protection
[300027871] Root: HKU Path: S-1-5-21-57989841-1343024091-725345543-1004\Software\Microsoft\Internet Explorer\Desktop\Components\0
[300028901] Root: HKU Path: S-1-5-21-57989841-1343024091-725345543-1004\Software\Microsoft\Internet Explorer\Main Value: Start Page Data: http://softwarereferral.com/jump.php?wm ... Ojg5&lid=2
[700005482] File: C:\WINDOWS\dat.txt
[400001866] Folder: C:\WINDOWS\privacy_danger


Quarantined Objects
Family Id Name Category TAI

Removed Objects
Family Id Name Category TAI
[to top]
Listing of Running Processes
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe
c:\windows\system32\ntdll.dll
C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\csrsrv.dll
c:\windows\system32\basesrv.dll
c:\windows\system32\winsrv.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\authz.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nddeapi.dll
c:\windows\system32\profmap.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\regapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msgina.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\ole32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\winscard.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\wlnotify.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\cscui.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\comres.dll
c:\windows\system32\clbcatq.dll
C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\scesrv.dll
c:\windows\system32\authz.dll
c:\windows\system32\umpnpmgr.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acadproc.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lsasrv.dll
c:\windows\system32\mpr.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\samsrv.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\msprivs.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wdigest.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
c:\windows\system32\xlibgfl254.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\authz.dll
c:\windows\system32\oakley.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\pstorsvc.dll
c:\windows\system32\psbase.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\termsrv.dll
c:\windows\system32\icaapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\mstlsapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\regapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshisn.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\wmi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\esent.dll
c:\windows\system32\atl.dll
c:\windows\system32\irmon.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshirda.dll
c:\windows\system32\rastls.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\schannel.dll
c:\windows\system32\winscard.dll
c:\windows\system32\raschap.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\msidle.dll
c:\windows\system32\audiosrv.dll
c:\windows\system32\wkssvc.dll
c:\windows\system32\qmgr.dll
c:\windows\system32\mpr.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\certcli.dll
c:\windows\system32\ersvc.dll
c:\windows\system32\es.dll
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\hidserv.dll
c:\windows\system32\hid.dll
c:\windows\system32\srvsvc.dll
c:\windows\system32\netman.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\ipxsap.dll
c:\windows\system32\rtm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\adptif.dll
c:\windows\system32\seclogon.dll
c:\windows\system32\sens.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\sxs.dll
c:\windows\system32\trkwks.dll
c:\windows\system32\w32time.dll
c:\windows\system32\wbem\wmisvc.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\wuauserv.dll
c:\windows\system32\wuaueng.dll
c:\windows\system32\winspool.drv
c:\windows\system32\cabinet.dll
c:\windows\system32\mspatcha.dll
c:\windows\system32\browser.dll
c:\windows\system32\ipnathlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\6to4svc.dll
c:\windows\system32\wscsvc.dll
c:\windows\system32\msi.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\wbemcore.dll
c:\windows\system32\wbem\esscli.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wbem\repdrvfs.dll
c:\windows\system32\wbem\wmiprvsd.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\wbem\wbemess.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\wbem\ncprov.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\tapisrv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rasmans.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\upnp.dll
c:\windows\system32\ssdpapi.dll
c:\windows\system32\rastapi.dll
c:\windows\system32\unimdm.tsp
c:\windows\system32\uniplat.dll
c:\windows\system32\unimdmat.dll
c:\windows\system32\modemui.dll
c:\windows\system32\kmddsp.tsp
c:\windows\system32\ndptsp.tsp
c:\windows\system32\ipconf.tsp
c:\windows\system32\h323.tsp
c:\windows\system32\hidphone.tsp
c:\windows\system32\rasppp.dll
c:\windows\system32\ntlsapi.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\ipxwan.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\advpack.dll
c:\windows\system32\catsrvut.dll
c:\windows\system32\catsrv.dll
c:\windows\system32\mfcsubs.dll
c:\windows\system32\mlang.dll
c:\windows\system32\xmlprovi.dll
c:\windows\system32\wups2.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\dnsrslvr.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\SYSTEM32\EKVAKUH-EASAC.EXE
c:\windows\system32\ekvakuh-easac.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wship6.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\lmhsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\webclnt.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ssdpsrv.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\httpapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\wship6.dll
C:\WINDOWS\SYSTEM32\EKVAKUH-EASAC.EXE
c:\windows\system32\ekvakuh-easac.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\spoolss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\localspl.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\netapi32.dll
c:\windows\system32\cnbjmon.dll
c:\windows\system32\e_flmahe.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\mdimon.dll
c:\windows\system32\msi.dll
c:\windows\system32\pjlmon.dll
c:\windows\system32\tcpmon.dll
c:\windows\system32\usbmon.dll
c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\win32spl.dll
c:\windows\system32\netrap.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\inetpp.dll
C:\WINDOWS\EXPLORER.EXE
c:\windows\explorer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\browseui.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\themeui.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\atl.dll
c:\windows\system32\msi.dll
c:\windows\system32\netshell.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mlang.dll
c:\windows\system32\msctf.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\wzcdlg.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\stobject.dll
c:\windows\system32\batmeter.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\upnpui.dll
c:\windows\system32\upnp.dll
c:\windows\system32\ssdpapi.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\mydocs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\kbdctrl.dll
c:\windows\neobus.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\midimap.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mpr.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\netui0.dll
c:\windows\system32\netui1.dll
c:\windows\system32\netrap.dll
c:\windows\system32\samlib.dll
c:\windows\system32\drprov.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\qmgrprxy.dll
c:\windows\system32\amhooker.dll
c:\windows\system32\mshtmled.dll
c:\program files\common files\adobe\acrobat\activex\pdfshell.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\jscript.dll
c:\windows\system32\vbscript.dll
c:\windows\system32\mfc42.dll
c:\program files\epson\creativity suite\easy photo print\eppshell.dll
c:\windows\system32\syncui.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\browselc.dll
c:\windows\system32\winspool.drv
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\system32\duser.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\quartz.dll
c:\windows\system32\wmpasf.dll
c:\windows\system32\dxmasf.dll
c:\windows\system32\drmclien.dll
c:\windows\system32\mpg2splt.ax
c:\program files\common files\ahead\dsfilter\nevideo.ax
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\common files\ahead\lib\advrcntr.dll
c:\windows\system32\shdoclc.dll
c:\windows\system32\rmoc3260.dll
c:\windows\system32\pncrt.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\mscms.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\msgina.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\msrating.dll
C:\WINDOWS\RTHDCPL.EXE
c:\windows\rthdcpl.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\hhctrl.ocx
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\dsound.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\mpr.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\ksuser.dll
C:\PROGRAM FILES\WIRELESS LAN UTILITY\TIWLANCU.EXE
c:\program files\wireless lan utility\tiwlancu.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\setupapi.dll
c:\program files\wireless lan utility\odsupp_m.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\mfc42.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\program files\wireless lan utility\msvcp60.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\secur32.dll
C:\PROGRAM FILES\ADOBE\PHOTOSHOP ALBUM STARTER EDITION\3.0\APPS\APDPROXY.EXE
c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\adobe\photoshop album starter edition\3.0\apps\apdboot.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\program files\adobe\photoshop album starter edition\3.0\apps\msvcp71.dll
c:\program files\adobe\photoshop album starter edition\3.0\apps\msvcr71.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\dsound.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\sti.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_FATIAHE.EXE
c:\windows\system32\spool\drivers\w32x86\3\e_fatiahe.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
C:\PROGRA~1\A4TECH\KEYBOARD\IKEYMAIN.EXE
c:\progra~1\a4tech\keyboard\ikeymain.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\progra~1\a4tech\keyboard\ikeyhook.dll
c:\progra~1\a4tech\keyboard\ikeyhid.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\hid.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
C:\PROGRAM FILES\A4TECH\MOUSE\AMOUMAIN.EXE
c:\program files\a4tech\mouse\amoumain.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\windows\system32\amhooker.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\program files\a4tech\mouse\amoures.dll
C:\WINDOWS\VSNPSTD.EXE
c:\windows\vsnpstd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\mfc42.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\windows\system32\msctf.dll
C:\PROGRAM FILES\JAVA\JRE1.6.0_02\BIN\JUSCHED.EXE
c:\program files\java\jre1.6.0_02\bin\jusched.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
c:\program files\common files\real\update_ob\realsched.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
C:\WINDOWS\SYSTEM32\CTFMON.EXE
c:\windows\system32\ctfmon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msutb.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msctfime.ime
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\urlmon.dll
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\imm32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wiaservc.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\sti.dll
C:\PROGRAM FILES\WIRELESS LAN UTILITY\TIWLNSVC.EXE
c:\program files\wireless lan utility\tiwlnsvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\imm32.dll
C:\WINDOWS\SYSTEM32\ALG.EXE
c:\windows\system32\alg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\atl.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\w3ssl.dll
c:\windows\system32\strmfilt.dll
c:\windows\system32\secur32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\httpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ieui.dll
c:\windows\system32\msimg32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\system32\xmllite.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\mlang.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\bonrep.dll
c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\program files\java\jre1.6.0_02\bin\ssv.dll
c:\program files\java\jre1.6.0_02\bin\msvcr71.dll
c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
c:\windows\system32\rsaenh.dll
c:\windows\ipwypktx.dll
c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\epson\epson web-to-page\epson web-to-page.dll
c:\windows\system32\winspool.drv
c:\windows\system32\userenv.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ieapfltr.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\samlib.dll
c:\windows\system32\jscript.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\mshtmled.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\amhooker.dll
c:\windows\system32\rmoc3260.dll
c:\windows\system32\pncrt.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ddrawex.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLLOGINPROXY.EXE
c:\program files\common files\microsoft shared\windows live\wlloginproxy.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\userenv.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
c:\program files\lavasoft\ad-aware 2007\aawservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\lavasoft\ad-aware 2007\ceapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll
c:\windows\system32\shell32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\program files\lavasoft\ad-aware 2007\update.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\secur32.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE
c:\program files\lavasoft\ad-aware 2007\ad-aware2007.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\mpr.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\amhooker.dll
c:\windows\system32\browseui.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\userenv.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\linkinfo.dll
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
c:\program files\windows live\messenger\msnmsgr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msimg32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\program files\windows live\messenger\msncore.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\version.dll
c:\windows\system32\winmm.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\msacm32.dll
c:\program files\windows live\messenger\msidcrl40.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\windows live\messenger\contactsux.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\userenv.dll
c:\windows\system32\secur32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msctf.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\inetcomm.dll
c:\windows\system32\msoert2.dll
c:\windows\system32\inetres.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mlang.dll
c:\program files\windows live\messenger\msgslang.8.5.1288.0816.dll
c:\program files\windows live\messenger\msgsres.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\es.dll
c:\program files\windows live\messenger\lcapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\dsound.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\msdmo.dll
c:\program files\windows live\messenger\lcres.dll
c:\program files\windows live\messenger\rtmpltfm.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\midimap.dll
c:\windows\system32\quartz.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\windows\system32\d3dim700.dll
c:\windows\system32\dpnhupnp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\schannel.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\sxs.dll
c:\program files\windows live\messenger\msgswcam.dll
c:\windows\system32\sirenacm.dll
c:\windows\system32\riched20.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\msi.dll
c:\windows\system32\amhooker.dll
c:\program files\windows live\messenger\lmcdata.dll
c:\windows\system32\wship6.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\samlib.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\ieframe.dll
c:\program files\windows live\messenger\dfsr.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\esent.dll
c:\program files\windows live\messenger\abssm.dll
c:\program files\windows live\messenger\custsat.dll
c:\program files\windows live\messenger\usnsvcps.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\jscript.dll
c:\windows\system32\ddrawex.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\mscoree.dll
c:\windows\microsoft.net\framework\v1.1.4322\mscorie.dll
c:\windows\microsoft.net\framework\v1.1.4322\msvcr71.dll
c:\windows\microsoft.net\framework\v1.1.4322\mscorld.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\wmasf.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\wmadmod.dll
c:\windows\system32\devenum.dll
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\USNSVC.EXE
c:\program files\windows live\messenger\usnsvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\version.dll
c:\program files\windows live\messenger\usnsvcps.dll
c:\windows\system32\rsaenh.dll
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ieui.dll
c:\windows\system32\msimg32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\system32\xmllite.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\secur32.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\setupapi.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\mlang.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\bonrep.dll
c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\program files\java\jre1.6.0_02\bin\ssv.dll
c:\program files\java\jre1.6.0_02\bin\msvcr71.dll
c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
c:\windows\system32\rsaenh.dll
c:\windows\ipwypktx.dll
c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\epson\epson web-to-page\epson web-to-page.dll
c:\windows\system32\winspool.drv
c:\windows\system32\userenv.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\amhooker.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\samlib.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ieapfltr.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\jscript.dll
c:\windows\system32\dxtrans.dll
c:\windows\system32\ddrawex.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\windows\system32\dxtmsft.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\vbscript.dll
c:\windows\system32\macromed\flash\flash9d.ocx
c:\windows\system32\comdlg32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\schannel.dll

ComboFix 08-01-03.4 - user 2008-01-03 2:37:55.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.590 [GMT 0:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\user\Application Data\ultra
C:\Documents and Settings\user\Application Data\ultra\uninstall.bat
C:\WINDOWS\inf\ultra.inf

.
((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 )))))))))))))))))))))))))))))))
.

2008-01-03 02:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-03 02:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-03 02:32 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-03 02:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-03 02:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-03 02:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-31 21:26 . 2007-12-31 21:26 <DIR> d-------- C:\Program Files\Java
2007-12-31 21:26 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-26 10:52 . 2008-01-03 02:41 2,060,320 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-26 10:52 . 2008-01-03 02:10 24,620 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-26 10:44 . 2007-12-26 10:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-12-24 09:44 . 2007-12-24 09:44 <DIR> d-------- C:\Program Files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-03 02:33 3,816 ----a-w C:\WINDOWS\system32\tmp.reg
2007-12-24 10:22 9,605 ----a-w C:\Program Files\hijackthis.log
2007-12-20 14:24 --------- d-----w C:\Program Files\Google
2007-12-12 01:23 --------- d-----w C:\Program Files\Windows Live
2007-11-21 21:10 --------- d-----w C:\Program Files\Driving Test Success Plus
2007-11-21 12:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-21 12:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-15 14:51 --------- d-----w C:\Documents and Settings\user\Application Data\PlayFirst
2007-11-14 16:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2007-11-14 16:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-11 20:10 --------- d-----w C:\Program Files\SmitfraudFix
2007-11-09 13:46 401,720 ----a-w C:\Program Files\hijack.exe
2007-11-08 02:36 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-08 02:36 --------- d-----w C:\Program Files\Trend Micro
2007-11-08 02:36 --------- d-----w C:\Program Files\SilverCreekCommonFiles
2007-11-08 02:36 --------- d-----w C:\Program Files\MSXML 4.0
2007-11-08 02:36 --------- d-----w C:\Program Files\Common Files\xing shared
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\user\Application Data\AOL
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2007-11-08 02:35 --------- d-----w C:\Program Files\Common Files\AOL
2007-11-08 02:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trend Micro
2007-11-07 23:13 --------- d-----w C:\Program Files\MSN Messenger
2007-11-07 19:55 67,777 ----a-w C:\Program Files\log malware.txt
2007-11-07 16:23 --------- d-----w C:\Documents and Settings\user\Application Data\LimeWire
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-07-17 01:51 123,461 ----a-w C:\Program Files\Common Files\Hewlett-Packard.zip
2007-07-05 00:27 1,708,148 ----a-w C:\Documents and Settings\All Users\Documents.zip
2007-06-06 02:21 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-05-08 11:08 31,248 ----a-w C:\Program Files\tmpreflt.sys
2007-05-08 11:08 252,128 ----a-w C:\Program Files\Tmfilter.sys
2007-05-08 11:08 197,648 ----a-w C:\Program Files\tmxpflt.sys
2007-05-08 11:08 1,051,456 ----a-w C:\Program Files\VsapiNT.sys
2007-03-23 12:57 132 ----a-w C:\Documents and Settings\user\Application Data\wklnhst.dat
2004-06-22 08:04 94,438 ------w C:\Program Files\hposcu08.inf
2004-06-22 08:04 9,777 ------w C:\Program Files\hpzipr13.inf
2004-06-22 08:04 9,773 ------w C:\Program Files\hpousc08.inf
2004-06-22 08:04 70,656 ------w C:\Program Files\msvcirt.dll
2004-06-22 08:04 7,579 ------w C:\Program Files\hpound08.inf
2004-06-22 08:04 66,431 ------w C:\Program Files\hpoprl04.dat
2004-06-22 08:04 65,420 ------w C:\Program Files\hpoprl05.dat
2004-06-22 08:04 65 ------w C:\Program Files\dxprl.dat
2004-06-22 08:04 6,704 ------w C:\Program Files\hpounp08.inf
2004-06-22 08:04 53,670 ------w C:\Program Files\hposcu08.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\hpzius13.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\HPZius12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzipr13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZipr12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzid413.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZid412.cat
2004-06-22 08:04 51,026 ------w C:\Program Files\HPOunp08.cat
2004-06-22 08:04 50,615 ------w C:\Program Files\hpzid412.inf
2004-06-22 08:04 5,538 ------w C:\Program Files\hpzist12.inf
2004-06-22 08:04 49,212 ------w C:\Program Files\hpzjvp01.dll
2004-06-22 08:04 458,752 ------w C:\Program Files\tls704d.dll
2004-06-22 08:04 447,400 ------w C:\Program Files\hpoprn08.cat
2004-06-22 08:04 442,425 ------w C:\Program Files\hpzjpp01.dll
2004-06-22 08:04 4,779 ------w C:\Program Files\hpoglu08.inf
2004-06-22 08:04 4,768 ------w C:\Program Files\hpoprl01.dat
2004-06-22 08:04 4,144 ------w C:\Program Files\hpousb08.inf
2004-06-22 08:04 4,132 ------w C:\Program Files\hpzist13.inf
2004-06-22 08:04 4,014 ------w C:\Program Files\hpoprl08.dat
2004-06-22 08:04 399 ------w C:\Program Files\hpzprl01.dat
2004-06-22 08:04 314 ------w C:\Program Files\hpqprl01.dat
2004-06-22 08:04 3,448 ------w C:\Program Files\hpohub08.inf
2004-06-22 08:04 297 ------w C:\Program Files\Readme.html
2004-06-22 08:04 290,873 ------w C:\Program Files\hpzjut01.dll
2004-06-22 08:04 28,722 ------w C:\Program Files\hpzjlog.dll
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzglu10.exe
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzc3212.dll
2004-06-22 08:04 26,768 ------w C:\Program Files\usbhub.sys
2004-06-22 08:04 254,005 ------w C:\Program Files\msvcrt.dll
2004-06-22 08:04 22,636 ------w C:\Program Files\hpzid413.inf
2004-06-22 08:04 22,608 ------w C:\Program Files\usbprint.sys
2004-06-22 08:04 205 ------w C:\Program Files\hpzprl02.dat
2004-06-22 08:04 200,704 ------w C:\Program Files\hpzpnp10.dll
2004-06-22 08:04 20,168 ------w C:\Program Files\hpzius12.inf
2004-06-22 08:04 2,542 ------w C:\Program Files\hpoprl02.dat
2004-06-22 08:04 19,578 ------w C:\Program Files\hpoprl03.dat
2004-06-22 08:04 176,128 ------w C:\Program Files\hpzscr10.dll
2004-06-22 08:04 17,176 ------w C:\Program Files\hpomdl04.dat
2004-06-22 08:04 16,416 ------w C:\Program Files\HPZUCI12.DLL
2004-06-22 08:04 14,845 ------w C:\Program Files\hpoapd01.dat
2004-06-22 08:04 14,815 ------w C:\Program Files\hpzius13.inf
2004-06-22 08:04 137,124 ------w C:\Program Files\hpoprn08.inf
2004-06-22 08:04 12,922 ------w C:\Program Files\hpzipr12.inf
2004-06-22 08:04 12,288 ------w C:\Program Files\usbmon.dll
2004-06-22 08:04 1,980 ------w C:\Program Files\hpoprl07.dat
2004-06-22 08:04 1,479 ------w C:\Program Files\license.txt
2004-06-22 08:04 1,391 ------w C:\Program Files\readme.txt
2004-06-22 08:04 1,073,152 ------w C:\Program Files\Setup.exe
2004-03-17 17:13 1,028,368 ----a-w C:\Program Files\vbrun60sp6.exe
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052120070528\index.dat
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052820070529\index.dat
2007-05-29 20:49 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052920070530\index.dat
2007-05-30 19:12 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053020070531\index.dat
2007-05-31 19:38 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053120070601\index.dat
2007-06-02 18:05 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007060220070603\index.dat
.

((((((((((((((((((((((((((((( snapshot@2007-11-19_ 4.42.33.20 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-14 17:05:20 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2007-12-01 01:41:30 8,192 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-03-14 17:05:18 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2007-12-01 01:41:32 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-03-14 17:05:15 716,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2007-12-01 01:41:41 720,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-03-14 17:05:15 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2007-12-01 01:41:33 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-03-14 17:05:20 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2007-12-01 01:41:39 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
- 2007-03-14 17:05:21 299,008 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2007-12-01 01:41:36 303,104 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-03-14 17:05:19 1,290,240 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2007-12-01 01:41:39 1,294,336 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
- 2007-03-14 17:05:19 1,699,840 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2007-12-01 01:41:31 1,703,936 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-03-14 17:05:19 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2007-12-01 01:41:41 90,112 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-03-14 17:05:19 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2007-12-01 01:41:36 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-03-14 17:05:19 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2007-12-01 01:41:34 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-03-14 17:05:19 64,000 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2007-12-01 01:41:34 66,560 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
- 2007-03-14 17:05:19 368,640 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2007-12-01 01:41:38 372,736 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-03-14 17:05:19 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2007-12-01 01:41:42 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-03-14 17:05:19 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2007-12-01 01:41:37 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-03-14 17:05:19 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-12-01 01:41:34 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-03-14 17:05:19 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2007-12-01 01:41:35 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-03-14 17:05:19 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2007-12-01 01:41:40 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-03-14 17:05:20 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2007-12-01 01:41:30 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-03-14 17:05:20 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2007-12-01 01:41:33 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-03-14 17:05:20 569,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2007-12-01 01:41:32 573,440 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-03-14 17:05:19 1,245,184 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-12-02 01:41:55 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-03-14 17:05:20 2,039,808 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2007-12-01 01:41:35 2,052,096 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-03-14 17:05:20 1,335,296 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.Xml.dll
+ 2007-12-01 01:41:38 1,339,392 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
- 2007-03-14 17:05:19 1,216,512 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2007-12-02 01:41:56 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2007-12-02 01:42:14 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_6c209483\CustomMarshalers.dll
+ 2007-12-02 16:54:55 118,784 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_f7a7aba3\CustomMarshalers.dll
+ 2007-12-02 16:54:44 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_16ca7b18\mscorlib.dll
+ 2007-12-02 16:55:22 8,908,800 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_99a39f3d\mscorlib.dll
+ 2007-12-02 16:54:29 1,470,464 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5708714f\System.Design.dll
+ 2007-12-02 16:55:13 3,395,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5c7f198d\System.Design.dll
+ 2007-12-02 16:54:56 192,512 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c2d6acd3\System.Drawing.Design.dll
+ 2007-12-02 16:53:48 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_d1db38dd\System.Drawing.Design.dll
+ 2007-12-02 16:55:16 2,244,608 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_89ff1021\System.Drawing.dll
+ 2007-12-02 16:54:40 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b927e05c\System.Drawing.dll
+ 2007-12-02 16:55:02 7,884,800 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_65edacf6\System.Windows.Forms.dll
+ 2007-12-02 16:54:06 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_ea3eb20a\System.Windows.Forms.dll
+ 2007-12-02 16:54:15 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3f39ad99\System.Xml.dll
+ 2007-12-02 16:55:09 5,513,216 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_6779a1f5\System.Xml.dll
+ 2007-12-02 01:42:07 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_48c82c80\System.dll
+ 2007-12-02 16:54:54 4,788,224 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_f7edce58\System.dll
+ 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 10:04:34 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 10:04:34 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 10:04:39 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 10:04:41 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 10:04:41 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 10:04:41 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 10:04:42 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 10:04:42 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 10:04:43 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
- 2007-11-16 07:28:11 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-12-13 03:04:38 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-11-16 07:28:11 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-12-13 03:04:38 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-11-16 07:28:11 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-12-13 03:04:38 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-11-16 07:28:11 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-12-13 03:04:38 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-11-16 07:28:11 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-12-13 03:04:38 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-11-16 07:28:11 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-12-13 03:04:38 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-11-16 07:28:12 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-12-13 03:04:38 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-11-16 07:28:12 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-12-13 03:04:38 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-11-16 07:28:11 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-12-13 03:04:38 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-11-16 07:28:11 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-12-13 03:04:38 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-11-16 07:28:12 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-12-13 03:04:38 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-11-16 07:28:11 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2007-12-13 03:04:38 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-11-16 07:28:11 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-12-13 03:04:38 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2003-02-20 19:19:32 253,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 21:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2003-02-20 19:19:34 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 01:49:18 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
- 2003-02-20 19:19:38 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-15 01:49:26 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2003-02-20 19:19:36 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 21:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 19:09:08 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 20:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-21 10:20:44 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 11:23:28 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
- 2003-02-21 10:21:00 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2004-07-15 11:23:44 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
- 2003-02-20 19:06:20 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2004-07-15 00:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-10-08 14:30:14 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
- 2003-02-21 07:24:38 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2004-07-15 14:31:00 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
- 2003-02-21 07:24:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2004-07-15 14:31:04 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
- 2003-02-20 19:09:40 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-15 00:35:30 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
- 2003-02-21 07:26:36 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-15 14:28:58 720,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
- 2003-02-21 07:26:38 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 14:28:56 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
- 2003-02-21 07:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2004-07-15 14:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
- 2003-02-21 07:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 14:28:50 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-20 19:09:12 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 00:32:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
- 2003-02-20 19:09:12 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 00:32:46 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
- 2003-02-20 19:09:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 20:57:58 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2003-02-20 19:06:32 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 20:56:30 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2003-02-20 19:09:16 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 20:58:00 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2003-02-21 07:26:34 2,088,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 20:50:46 2,142,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 19:09:18 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2004-07-15 00:33:22 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
- 2003-02-20 19:09:18 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2004-07-15 00:33:24 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
- 2003-02-20 19:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 20:58:02 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2003-02-20 19:07:34 2,494,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 20:57:00 2,523,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2003-02-20 19:08:32 2,482,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 20:57:28 2,514,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-01-15 16:11:26 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
- 2003-02-20 19:09:30 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2004-07-15 00:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
- 2003-02-21 07:26:46 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 14:28:48 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 01:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_aspnet_isapi.dll
+ 2004-07-15 00:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_CORPerfMonExt.dll
+ 2004-07-15 00:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_fusion.dll
+ 2004-07-15 00:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorjit.dll
+ 2004-07-15 14:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorlib.dll
+ 2003-02-20 19:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorsn.dll
+ 2004-07-15 00:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorsvr.dll
+ 2004-07-15 00:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_mscorwks.dll
+ 2003-02-21 04:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_msvcr71.dll
+ 2004-07-15 00:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3664\_PerfCounter.dll
- 2003-02-20 19:09:34 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-07-15 00:35:04 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
- 2003-02-21 07:26:38 1,290,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2004-07-15 14:32:00 1,294,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
- 2003-02-21 07:25:42 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-15 14:31:14 303,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
- 2003-02-21 07:26:42 1,699,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 14:29:02 1,703,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
- 2003-02-21 07:26:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2004-07-15 14:28:54 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
- 2003-02-21 07:26:46 1,216,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 21:35:38 1,232,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2003-02-21 07:26:50 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 14:28:58 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
- 2003-02-21 07:26:50 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 14:28:56 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
- 2003-02-20 19:09:36 64,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2004-07-15 00:35:12 66,560 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
- 2003-02-21 07:26:52 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 14:31:58 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
- 2003-02-21 07:26:54 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 14:31:12 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
- 2003-02-21 07:26:56 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 14:28:58 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
- 2003-02-21 07:26:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 14:31:54 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 07:26:58 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 14:28:52 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2003-02-21 07:27:00 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 14:28:54 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
- 2003-02-21 07:27:02 1,245,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 21:35:46 1,265,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2003-02-21 07:27:06 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 14:28:58 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
- 2003-02-21 07:24:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 14:28:52 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
- 2003-02-21 07:27:06 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2004-07-15 14:31:16 573,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
- 2003-02-21 07:27:08 2,039,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2004-07-15 14:32:02 2,052,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
- 2003-02-21 07:27:10 1,335,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 14:29:00 1,339,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-06-22 13:51:38 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2003-02-21 10:20:38 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 11:23:20 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
- 2003-02-21 05:04:18 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 08:15:14 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
- 2003-02-20 20:10:40 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-07-15 02:11:56 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
- 2007-06-17 00:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 08:00:00 51,200 ----a-w C:\WINDOWS\NirCmd.exe
- 2007-08-20 10:04:34 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-10-10 23:55:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-08-20 10:04:34 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-10-10 23:55:51 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-20 10:04:34 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-20 10:04:34 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-10 23:55:51 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2007-10-10 23:55:51 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-08-17 10:20:54 63,488 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-08-20 10:04:35 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-08-17 07:34:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-10-10 05:46:55 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2007-10-10 23:55:52 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-10-10 23:55:54 6,065,664 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-08-20 10:04:38 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:55:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2007-10-10 23:55:55 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-08-17 10:21:21 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-10-10 10:59:52 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-20 10:04:39 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-10-10 23:55:56 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2007-10-10 23:55:56 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-08-20 10:04:41 3,584,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-20 10:04:41 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-08-20 10:04:41 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-10 23:55:58 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-20 10:04:42 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-10 23:55:59 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-08-20 10:04:42 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-10 23:55:59 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2007-08-20 10:04:42 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-10-10 23:55:59 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-20 10:04:42 1,152,000 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-08-20 10:04:42 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-10-10 23:56:00 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-20 10:04:43 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-10-10 23:56:00 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-10-18 20:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\WMASF.dll
+ 2007-10-27 17:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-07-19 15:10:28 127,768 ----a-w C:\WINDOWS\system32\drivers\klif.sys
- 2007-08-20 10:04:34 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-20 10:04:34 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-10 23:55:51 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2007-08-20 10:04:34 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2007-10-10 23:55:51 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-08-17 10:20:54 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-08-20 10:04:35 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-08-17 07:34:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-10-10 05:46:55 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-08-20 10:04:35 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-10-10 23:55:52 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-10-10 23:55:54 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-20 10:04:38 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-10-10 23:55:55 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-08-20 10:04:38 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-10-10 23:55:55 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-08-17 10:20:54 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-07-12 00:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2007-09-24 22:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-07-12 00:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2007-09-24 22:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-07-12 01:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2007-09-24 23:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-08-20 10:04:39 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-11-14 16:04:46 796,048 ----a-w C:\WINDOWS\system32\libeay32_0.9.6l.dll
- 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
- 2003-02-20 19:06:24 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2006-12-22 12:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2003-02-20 18:43:38 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2004-07-14 23:34:06 16,896 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2007-08-20 10:04:39 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-10-10 23:55:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-08-20 10:04:39 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-10-10 23:55:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-08-20 10:04:41 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-20 10:04:41 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-08-20 10:04:41 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-10-10 23:55:58 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2007-08-20 10:04:42 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-10-10 23:55:59 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2006-12-22 13:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\[u]0[/u]409\mscorees.dll
- 2007-08-20 10:04:42 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-10-10 23:55:59 102,400 ----a-w C:\WINDOWS\system32\occache.dll
- 2007-10-29 15:36:16 64,380 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-12-01 01:41:23 68,046 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-10-29 15:36:16 407,796 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-12-01 01:41:23 416,084 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-07-22 18:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 08:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2007-08-20 10:04:42 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-10-10 23:55:59 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-20 10:04:42 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-11-14 16:04:52 83,432 ----a-w C:\WINDOWS\system32\vsdata.dll
+ 2007-11-14 16:05:16 394,952 ----a-w C:\WINDOWS\system32\vsdatant.sys
+ 2007-11-14 16:04:52 157,160 ----a-w C:\WINDOWS\system32\vsinit.dll
+ 2007-11-14 16:04:52 103,912 ----a-w C:\WINDOWS\system32\vsmonapi.dll
+ 2007-11-14 16:04:52 275,944 ----a-w C:\WINDOWS\system32\vspubapi.dll
+ 2007-11-14 16:04:52 71,144 ----a-w C:\WINDOWS\system32\vsregexp.dll
+ 2007-11-14 16:04:54 472,552 ----a-w C:\WINDOWS\system32\vsutil.dll
+ 2007-11-14 16:04:54 46,568 ----a-w C:\WINDOWS\system32\vswmi.dll
+ 2007-11-14 16:04:54 99,816 ----a-w C:\WINDOWS\system32\vsxml.dll
- 2007-08-20 10:04:42 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-10-10 23:56:00 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-08-20 10:04:43 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-10 23:56:00 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-11-14 16:04:56 83,432 ----a-w C:\WINDOWS\system32\zlcomm.dll
+ 2007-11-14 16:04:56 71,144 ----a-w C:\WINDOWS\system32\zlcommdb.dll
- 2007-05-03 19:52:42 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2008-01-03 02:11:29 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2007-11-14 16:04:44 370,208 ----a-w C:\WINDOWS\system32\ZoneLabs\av.dll
+ 2007-05-31 00:03:30 65,248 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
+ 2006-06-30 14:47:36 21,568 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
+ 2007-05-31 00:03:16 77,824 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2007-05-31 00:03:16 110,592 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
+ 2007-05-31 00:03:16 331,776 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2007-05-31 00:03:16 38,400 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
+ 2007-07-19 15:10:32 110,360 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2kxp32\kl1.sys
+ 2007-07-19 15:10:32 186,128 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2kxp32\klif.sys
+ 2007-05-31 00:03:48 110,360 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\kl1.sys
+ 2007-07-19 15:10:28 127,768 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\klif.sys
+ 2007-05-31 00:03:50 45,056 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\regcat.exe
+ 2006-09-19 23:12:14 208,960 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
+ 2007-09-11 21:09:16 274,432 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
+ 2006-12-19 18:13:52 1,093,632 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
+ 2007-05-31 00:03:20 548,864 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
+ 2007-05-31 00:03:20 626,688 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
+ 2007-05-31 00:03:18 184,320 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
+ 2007-05-31 00:03:22 90,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
+ 2007-09-11 21:09:16 135,168 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
+ 2006-12-19 18:13:52 200,704 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
+ 2007-11-14 16:04:44 99,816 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd.dll
+ 2004-01-30 12:35:08 813,568 ----a-w C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
+ 2007-11-14 16:04:46 128,480 ----a-w C:\WINDOWS\system32\ZoneLabs\fbl.dll
+ 2007-11-14 16:04:46 38,376 ----a-w C:\WINDOWS\system32\ZoneLabs\featuremap.dll
+ 2007-11-14 16:04:46 321,016 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure.dll
+ 2007-11-14 16:05:18 288,144 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard.zip.dll
+ 2007-11-14 16:05:18 152,976 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\licenseui.zip.dll
+ 2007-11-14 16:05:18 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
+ 2007-11-14 16:05:18 1,361,296 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
+ 2007-11-14 16:05:20 71,056 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
+ 2007-11-14 16:06:34 30,184 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
+ 2007-11-14 16:06:36 30,216 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
+ 2007-10-18 20:18:38 714,208 ----a-w C:\WINDOWS\system32\ZoneLabs\qrbase.dll
+ 2007-10-18 20:18:38 787,936 ----a-w C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll
+ 2007-11-14 16:04:48 173,544 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler.dll
+ 2007-01-11 11:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2007-10-18 20:18:40 1,500,640 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.dll
+ 2007-10-18 20:18:44 51,176 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.sys
+ 2007-11-14 16:04:50 456,168 ----a-w C:\WINDOWS\system32\ZoneLabs\ssleay32.dll
+ 2007-11-14 16:06:36 214,528 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
+ 2007-11-14 16:06:36 3,266,040 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
+ 2006-09-04 20:59:14 503,875 ----a-w C:\WINDOWS\system32\ZoneLabs\upd_core.dll
+ 2007-10-11 16:50:32 832,984 ----a-w C:\WINDOWS\system32\ZoneLabs\updating.dll
+ 2007-11-14 16:05:06 144,936 ----a-w C:\WINDOWS\system32\ZoneLabs\updclient.exe
+ 2007-01-11 17:31:06 286,787 ----a-w C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll
+ 2007-11-14 16:04:52 108,008 ----a-w C:\WINDOWS\system32\ZoneLabs\vsavpro.dll
+ 2007-11-14 16:04:52 83,432 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb.dll
+ 2007-11-14 16:05:06 75,304 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe
+ 2007-11-14 16:04:52 2,029,032 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmondll.dll
+ 2007-11-14 16:04:54 1,361,384 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb.dll
+ 2007-11-14 16:04:54 239,080 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault.dll
+ 2007-01-11 11:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat
+ 2007-11-14 16:04:56 177,640 ----a-w C:\WINDOWS\system32\ZoneLabs\zlparser.dll
+ 2007-11-14 16:04:56 79,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
+ 2007-11-14 16:04:58 382,440 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre.dll
+ 2007-11-14 16:04:58 120,296 ----a-w C:\WINDOWS\system32\ZoneLabs\zlupdate.dll
+ 1998-02-06 21:37:32 299,520 ----a-w C:\WINDOWS\uninst.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 15:19 5728112]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00 15360]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 09:37 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 08:48 16208384 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 10:04 2879488 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-12 05:19 7626752]
"nwiz"="nwiz.exe" [2006-07-12 05:19 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 05:19 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [2007-03-22 17:54 1150976]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-22 08:05 172032]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46 57344]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 05:00 98304]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 08:21 65536]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-09-07 08:17 200704]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48 286720]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-28 22:08 185632]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2007-09-28 08:42 1393928]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 12:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]

R3 TNET1130;802.11 WLAN;C:\WINDOWS\system32\DRIVERS\TNET1130.sys [2004-12-01 18:35]
S0 twvxlvwr;twvxlvwr;C:\WINDOWS\system32\drivers\gwytwpdy.sys []
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys [2002-03-09 16:42]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm

.
Contents of the 'Scheduled Tasks' folder
"2008-01-03 01:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-01-02 07:34:15 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B5DE7115-B5F8-42C9-8237-2669F45FD293}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-03 02:41:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-03 2:42:34
ComboFix-quarantined-files.txt 2008-01-03 02:42:30
ComboFix2.txt 2007-11-19 04:43:07
ComboFix3.txt 2007-11-18 05:07:40
ComboFix4.txt 2007-11-15 21:17:16
.
2007-12-13 03:04:41 --- E O F ---

ComboFix 07-11-08.3 - user 2007-11-19 4:39:08.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.550 [GMT 0:00]
Running from: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\6OVZOWP9\ComboFix[1].exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-10-19 to 2007-11-19 )))))))))))))))))))))))))))))))
.

2007-11-15 00:19 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-12 23:08 <DIR> d-------- C:\Deckard
2007-11-11 20:38 3,702 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-11 20:23 <DIR> d-------- C:\WINDOWS\system\SmitfraudFix
2007-11-11 20:22 1,043,074 --a------ C:\WINDOWS\system\SmitfraudFix.exe
2007-11-11 20:10 <DIR> d-------- C:\Program Files\SmitfraudFix
2007-11-11 19:37 <DIR> d-------- C:\SmitfraudFix
2007-11-08 02:36 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2007-11-08 02:36 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-11-08 02:36 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-11-07 22:37 52,496 --a------ C:\WINDOWS\system32\drivers\tmactmon.sys
2007-11-07 22:37 52,368 --a------ C:\WINDOWS\system32\drivers\tmevtmgr.sys
2007-11-07 22:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2007-11-07 20:48 <DIR> d-------- C:\Program Files\Trend Micro

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-15 14:51 --------- d-----w C:\Documents and Settings\user\Application Data\PlayFirst
2007-11-09 13:46 401,720 ----a-w C:\Program Files\hijack.exe
2007-11-08 02:36 --------- d-----w C:\Program Files\SilverCreekCommonFiles
2007-11-08 02:36 --------- d-----w C:\Program Files\Google
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\user\Application Data\AOL
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2007-11-08 02:35 --------- d-----w C:\Program Files\Common Files\AOL
2007-11-07 23:13 --------- d-----w C:\Program Files\MSN Messenger
2007-11-07 19:55 67,777 ----a-w C:\Program Files\log malware.txt
2007-11-07 16:23 --------- d-----w C:\Documents and Settings\user\Application Data\LimeWire
2007-10-29 10:53 --------- d-----w C:\Program Files\Windows Live
2007-10-29 10:49 --------- d-----w C:\Program Files\Hardwood Spades
2007-10-29 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-10-28 22:08 --------- d-----w C:\Program Files\Common Files\Real
2007-09-28 08:42 65,936 ----a-w C:\WINDOWS\system32\drivers\tmtdi.sys
2007-09-28 08:42 36,112 ----a-w C:\WINDOWS\system32\drivers\tmpreflt.sys
2007-09-28 08:42 333,328 ----a-w C:\WINDOWS\system32\drivers\TM_CFW.sys
2007-09-28 08:42 203,024 ----a-w C:\WINDOWS\system32\drivers\tmxpflt.sys
2007-09-28 08:42 138,512 ----a-w C:\WINDOWS\system32\drivers\tmcomm.sys
2007-09-28 08:42 1,126,328 ----a-w C:\WINDOWS\system32\drivers\vsapint.sys
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-07-17 01:51 123,461 ----a-w C:\Program Files\Common Files\Hewlett-Packard.zip
2007-07-05 00:27 1,708,148 ----a-w C:\Documents and Settings\All Users\Documents.zip
2007-06-06 02:21 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-05-08 11:08 31,248 ----a-w C:\Program Files\tmpreflt.sys
2007-05-08 11:08 252,128 ----a-w C:\Program Files\Tmfilter.sys
2007-05-08 11:08 197,648 ----a-w C:\Program Files\tmxpflt.sys
2007-05-08 11:08 1,051,456 ----a-w C:\Program Files\VsapiNT.sys
2007-03-23 12:57 132 ----a-w C:\Documents and Settings\user\Application Data\wklnhst.dat
2004-06-22 08:04 94,438 ------w C:\Program Files\hposcu08.inf
2004-06-22 08:04 9,777 ------w C:\Program Files\hpzipr13.inf
2004-06-22 08:04 9,773 ------w C:\Program Files\hpousc08.inf
2004-06-22 08:04 70,656 ------w C:\Program Files\msvcirt.dll
2004-06-22 08:04 7,579 ------w C:\Program Files\hpound08.inf
2004-06-22 08:04 66,431 ------w C:\Program Files\hpoprl04.dat
2004-06-22 08:04 65,420 ------w C:\Program Files\hpoprl05.dat
2004-06-22 08:04 65 ------w C:\Program Files\dxprl.dat
2004-06-22 08:04 6,704 ------w C:\Program Files\hpounp08.inf
2004-06-22 08:04 53,670 ------w C:\Program Files\hposcu08.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\hpzius13.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\HPZius12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzipr13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZipr12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzid413.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZid412.cat
2004-06-22 08:04 51,026 ------w C:\Program Files\HPOunp08.cat
2004-06-22 08:04 50,615 ------w C:\Program Files\hpzid412.inf
2004-06-22 08:04 5,538 ------w C:\Program Files\hpzist12.inf
2004-06-22 08:04 49,212 ------w C:\Program Files\hpzjvp01.dll
2004-06-22 08:04 458,752 ------w C:\Program Files\tls704d.dll
2004-06-22 08:04 447,400 ------w C:\Program Files\hpoprn08.cat
2004-06-22 08:04 442,425 ------w C:\Program Files\hpzjpp01.dll
2004-06-22 08:04 4,779 ------w C:\Program Files\hpoglu08.inf
2004-06-22 08:04 4,768 ------w C:\Program Files\hpoprl01.dat
2004-06-22 08:04 4,144 ------w C:\Program Files\hpousb08.inf
2004-06-22 08:04 4,132 ------w C:\Program Files\hpzist13.inf
2004-06-22 08:04 4,014 ------w C:\Program Files\hpoprl08.dat
2004-06-22 08:04 399 ------w C:\Program Files\hpzprl01.dat
2004-06-22 08:04 314 ------w C:\Program Files\hpqprl01.dat
2004-06-22 08:04 3,448 ------w C:\Program Files\hpohub08.inf
2004-06-22 08:04 297 ------w C:\Program Files\Readme.html
2004-06-22 08:04 290,873 ------w C:\Program Files\hpzjut01.dll
2004-06-22 08:04 28,722 ------w C:\Program Files\hpzjlog.dll
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzglu10.exe
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzc3212.dll
2004-06-22 08:04 26,768 ------w C:\Program Files\usbhub.sys
2004-06-22 08:04 254,005 ------w C:\Program Files\msvcrt.dll
2004-06-22 08:04 22,636 ------w C:\Program Files\hpzid413.inf
2004-06-22 08:04 22,608 ------w C:\Program Files\usbprint.sys
2004-06-22 08:04 205 ------w C:\Program Files\hpzprl02.dat
2004-06-22 08:04 200,704 ------w C:\Program Files\hpzpnp10.dll
2004-06-22 08:04 20,168 ------w C:\Program Files\hpzius12.inf
2004-06-22 08:04 2,542 ------w C:\Program Files\hpoprl02.dat
2004-06-22 08:04 19,578 ------w C:\Program Files\hpoprl03.dat
2004-06-22 08:04 176,128 ------w C:\Program Files\hpzscr10.dll
2004-06-22 08:04 17,176 ------w C:\Program Files\hpomdl04.dat
2004-06-22 08:04 16,416 ------w C:\Program Files\HPZUCI12.DLL
2004-06-22 08:04 14,845 ------w C:\Program Files\hpoapd01.dat
2004-06-22 08:04 14,815 ------w C:\Program Files\hpzius13.inf
2004-06-22 08:04 137,124 ------w C:\Program Files\hpoprn08.inf
2004-06-22 08:04 12,922 ------w C:\Program Files\hpzipr12.inf
2004-06-22 08:04 12,288 ------w C:\Program Files\usbmon.dll
2004-06-22 08:04 1,980 ------w C:\Program Files\hpoprl07.dat
2004-06-22 08:04 1,479 ------w C:\Program Files\license.txt
2004-06-22 08:04 1,391 ------w C:\Program Files\readme.txt
2004-06-22 08:04 1,073,152 ------w C:\Program Files\Setup.exe
2004-03-17 17:13 1,028,368 ----a-w C:\Program Files\vbrun60sp6.exe
2007-05-28 20:41:22 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052120070528\index.dat
2007-05-28 20:41:22 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052820070529\index.dat
2007-05-29 20:49:39 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052920070530\index.dat
2007-05-30 19:12:14 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053020070531\index.dat
2007-05-31 19:38:44 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053120070601\index.dat
2007-06-02 18:05:32 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007060220070603\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 08:48 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 10:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-12 05:19]
"nwiz"="nwiz.exe" [2006-07-12 05:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 05:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [2007-03-22 17:54]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-22 08:05]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 05:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 08:21]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-09-07 08:17]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-28 22:08]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2007-09-28 08:42]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 15:19]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00]
"Aim6"="C:\Program Files\AIM6\aim6.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B}]
C:\WINDOWS\system32\atpakib-deas.dll

R3 TNET1130;802.11 WLAN;C:\WINDOWS\system32\DRIVERS\TNET1130.sys
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{484F4D45-3248-4f4d-4532-484F4D453248}]
C:\WINDOWS\system32\udsacoot.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-11-18 22:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-19 04:42:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-19 4:43:04
C:\ComboFix2.txt ... 2007-11-18 05:07
C:\ComboFix3.txt ... 2007-11-15 21:17
.
--- E O F ---
ComboFix 07-11-08.1 - user 2007-11-18 5:03:14.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.430 [GMT 0:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-10-18 to 2007-11-18 )))))))))))))))))))))))))))))))
.

2007-11-15 00:19 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-12 23:08 <DIR> d-------- C:\Deckard
2007-11-11 20:38 3,702 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-11 20:23 <DIR> d-------- C:\WINDOWS\system\SmitfraudFix
2007-11-11 20:22 1,043,074 --a------ C:\WINDOWS\system\SmitfraudFix.exe
2007-11-11 20:10 <DIR> d-------- C:\Program Files\SmitfraudFix
2007-11-11 19:37 <DIR> d-------- C:\SmitfraudFix
2007-11-08 02:36 <DIR> d-------- C:\WINDOWS\system32\runtime
2007-11-08 02:36 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2007-11-08 02:36 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-11-08 02:36 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-11-07 22:37 52,496 --a------ C:\WINDOWS\system32\drivers\tmactmon.sys
2007-11-07 22:37 52,368 --a------ C:\WINDOWS\system32\drivers\tmevtmgr.sys
2007-11-07 22:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2007-11-07 20:48 <DIR> d-------- C:\Program Files\Trend Micro

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-18 04:38 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac.exe
2007-11-15 14:51 --------- d-----w C:\Documents and Settings\user\Application Data\PlayFirst
2007-11-09 13:46 401,720 ----a-w C:\Program Files\hijack.exe
2007-11-08 02:36 --------- d-----w C:\Program Files\SilverCreekCommonFiles
2007-11-08 02:36 --------- d-----w C:\Program Files\Google
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\user\Application Data\AOL
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2007-11-08 02:35 --------- d-----w C:\Program Files\Common Files\AOL
2007-11-07 23:13 --------- d-----w C:\Program Files\MSN Messenger
2007-11-07 19:55 67,777 ----a-w C:\Program Files\log malware.txt
2007-11-07 16:23 --------- d-----w C:\Documents and Settings\user\Application Data\LimeWire
2007-10-29 10:53 --------- d-----w C:\Program Files\Windows Live
2007-10-29 10:49 --------- d-----w C:\Program Files\Hardwood Spades
2007-10-29 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-10-28 22:08 --------- d-----w C:\Program Files\Common Files\Real
2007-09-28 08:42 65,936 ----a-w C:\WINDOWS\system32\drivers\tmtdi.sys
2007-09-28 08:42 36,112 ----a-w C:\WINDOWS\system32\drivers\tmpreflt.sys
2007-09-28 08:42 333,328 ----a-w C:\WINDOWS\system32\drivers\TM_CFW.sys
2007-09-28 08:42 203,024 ----a-w C:\WINDOWS\system32\drivers\tmxpflt.sys
2007-09-28 08:42 138,512 ----a-w C:\WINDOWS\system32\drivers\tmcomm.sys
2007-09-28 08:42 1,126,328 ----a-w C:\WINDOWS\system32\drivers\vsapint.sys
2007-09-18 18:52 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-09-18 18:52 --------- d-----w C:\Program Files\Trymedia
2007-09-18 18:52 --------- d-----w C:\Program Files\Silver Creek Installer
2007-09-18 18:52 --------- d-----w C:\Program Files\Hardwood Backgammon
2007-09-18 18:52 --------- d-----w C:\Program Files\Common Files\CasinoVegasShared
2007-09-18 18:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-18 18:51 --------- d-----w C:\Program Files\namtai_eyetoy_drivers
2007-09-18 18:48 --------- d-----w C:\Program Files\KYE
2007-09-18 18:48 --------- d-----w C:\Program Files\Common Files\snpstd
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-07-17 01:51 123,461 ----a-w C:\Program Files\Common Files\Hewlett-Packard.zip
2007-07-05 00:27 1,708,148 ----a-w C:\Documents and Settings\All Users\Documents.zip
2007-06-06 02:21 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-05-08 11:08 31,248 ----a-w C:\Program Files\tmpreflt.sys
2007-05-08 11:08 252,128 ----a-w C:\Program Files\Tmfilter.sys
2007-05-08 11:08 197,648 ----a-w C:\Program Files\tmxpflt.sys
2007-05-08 11:08 1,051,456 ----a-w C:\Program Files\VsapiNT.sys
2007-03-23 12:57 132 ----a-w C:\Documents and Settings\user\Application Data\wklnhst.dat
2004-06-22 08:04 94,438 ------w C:\Program Files\hposcu08.inf
2004-06-22 08:04 9,777 ------w C:\Program Files\hpzipr13.inf
2004-06-22 08:04 9,773 ------w C:\Program Files\hpousc08.inf
2004-06-22 08:04 70,656 ------w C:\Program Files\msvcirt.dll
2004-06-22 08:04 7,579 ------w C:\Program Files\hpound08.inf
2004-06-22 08:04 66,431 ------w C:\Program Files\hpoprl04.dat
2004-06-22 08:04 65,420 ------w C:\Program Files\hpoprl05.dat
2004-06-22 08:04 65 ------w C:\Program Files\dxprl.dat
2004-06-22 08:04 6,704 ------w C:\Program Files\hpounp08.inf
2004-06-22 08:04 53,670 ------w C:\Program Files\hposcu08.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\hpzius13.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\HPZius12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzipr13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZipr12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzid413.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZid412.cat
2004-06-22 08:04 51,026 ------w C:\Program Files\HPOunp08.cat
2004-06-22 08:04 50,615 ------w C:\Program Files\hpzid412.inf
2004-06-22 08:04 5,538 ------w C:\Program Files\hpzist12.inf
2004-06-22 08:04 49,212 ------w C:\Program Files\hpzjvp01.dll
2004-06-22 08:04 458,752 ------w C:\Program Files\tls704d.dll
2004-06-22 08:04 447,400 ------w C:\Program Files\hpoprn08.cat
2004-06-22 08:04 442,425 ------w C:\Program Files\hpzjpp01.dll
2004-06-22 08:04 4,779 ------w C:\Program Files\hpoglu08.inf
2004-06-22 08:04 4,768 ------w C:\Program Files\hpoprl01.dat
2004-06-22 08:04 4,144 ------w C:\Program Files\hpousb08.inf
2004-06-22 08:04 4,132 ------w C:\Program Files\hpzist13.inf
2004-06-22 08:04 4,014 ------w C:\Program Files\hpoprl08.dat
2004-06-22 08:04 399 ------w C:\Program Files\hpzprl01.dat
2004-06-22 08:04 314 ------w C:\Program Files\hpqprl01.dat
2004-06-22 08:04 3,448 ------w C:\Program Files\hpohub08.inf
2004-06-22 08:04 297 ------w C:\Program Files\Readme.html
2004-06-22 08:04 290,873 ------w C:\Program Files\hpzjut01.dll
2004-06-22 08:04 28,722 ------w C:\Program Files\hpzjlog.dll
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzglu10.exe
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzc3212.dll
2004-06-22 08:04 26,768 ------w C:\Program Files\usbhub.sys
2004-06-22 08:04 254,005 ------w C:\Program Files\msvcrt.dll
2004-06-22 08:04 22,636 ------w C:\Program Files\hpzid413.inf
2004-06-22 08:04 22,608 ------w C:\Program Files\usbprint.sys
2004-06-22 08:04 205 ------w C:\Program Files\hpzprl02.dat
2004-06-22 08:04 200,704 ------w C:\Program Files\hpzpnp10.dll
2004-06-22 08:04 20,168 ------w C:\Program Files\hpzius12.inf
2004-06-22 08:04 2,542 ------w C:\Program Files\hpoprl02.dat
2004-06-22 08:04 19,578 ------w C:\Program Files\hpoprl03.dat
2004-06-22 08:04 176,128 ------w C:\Program Files\hpzscr10.dll
2004-06-22 08:04 17,176 ------w C:\Program Files\hpomdl04.dat
2004-06-22 08:04 16,416 ------w C:\Program Files\HPZUCI12.DLL
2004-06-22 08:04 14,845 ------w C:\Program Files\hpoapd01.dat
2004-06-22 08:04 14,815 ------w C:\Program Files\hpzius13.inf
2004-06-22 08:04 137,124 ------w C:\Program Files\hpoprn08.inf
2004-06-22 08:04 12,922 ------w C:\Program Files\hpzipr12.inf
2004-06-22 08:04 12,288 ------w C:\Program Files\usbmon.dll
2004-06-22 08:04 1,980 ------w C:\Program Files\hpoprl07.dat
2004-06-22 08:04 1,479 ------w C:\Program Files\license.txt
2004-06-22 08:04 1,391 ------w C:\Program Files\readme.txt
2004-06-22 08:04 1,073,152 ------w C:\Program Files\Setup.exe
2004-03-17 17:13 1,028,368 ----a-w C:\Program Files\vbrun60sp6.exe
2007-05-28 20:41:22 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052120070528\index.dat
2007-05-28 20:41:22 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052820070529\index.dat
2007-05-29 20:49:39 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052920070530\index.dat
2007-05-30 19:12:14 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053020070531\index.dat
2007-05-31 19:38:44 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053120070601\index.dat
2007-06-02 18:05:32 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007060220070603\index.dat
.

((((((((((((((((((((((((((((( snapshot@2007-11-15_ 2.35.38.82 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-10 00:58:22 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-11-16 07:28:11 593,920 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-10-10 00:58:22 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-11-16 07:28:11 12,288 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2007-10-10 00:58:22 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-11-16 07:28:11 86,016 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-10-10 00:58:22 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-11-16 07:28:11 135,168 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-10-10 00:58:22 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-11-16 07:28:11 11,264 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-10-10 00:58:22 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-11-16 07:28:11 27,136 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-10-10 00:58:22 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-11-16 07:28:12 4,096 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-10-10 00:58:22 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-11-16 07:28:12 794,624 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-10-10 00:58:22 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-11-16 07:28:11 249,856 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2007-10-10 00:58:22 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-11-16 07:28:11 61,440 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-10-10 00:58:22 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-11-16 07:28:12 23,040 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-10-10 00:58:22 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2007-11-16 07:28:11 286,720 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-10-10 00:58:22 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-11-16 07:28:11 409,600 ----a-r C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2007-11-15 02:34:11 65,536 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2007-11-18 04:38:11 65,536 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-11-15 02:34:11 131,072 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2007-11-18 04:38:11 131,072 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-11-15 02:34:11 819,200 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-11-18 04:38:11 819,200 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-12-19 21:52:18 8,453,632 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 -c--a-w C:\WINDOWS\system32\dllcache\shell32.dll
- 2007-09-28 05:19:39 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-12-19 21:52:18 8,453,632 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
- 2007-06-19 07:24:36 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 10:04:03 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
- 2007-11-15 02:34:12 24,064 ----a-w C:\WINDOWS\Temp\ouxtikeah.dll
+ 2007-11-18 04:38:11 24,064 ----a-w C:\WINDOWS\Temp\ouxtikeah.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 08:48 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 10:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-12 05:19]
"nwiz"="nwiz.exe" [2006-07-12 05:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 05:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [2007-03-22 17:54]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-22 08:05]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 05:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 08:21]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-09-07 08:17]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-28 22:08]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2007-09-28 08:42]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 15:19]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00]
"Aim6"="C:\Program Files\AIM6\aim6.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\[u]0[/u]]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B}]
C:\WINDOWS\system32\atpakib-deas.dll 2006-02-28 12:00 5120 C:\WINDOWS\system32\atpakib-deas.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\explorer.exe]
Debugger=C:\WINDOWS\system32\ahroxun-edat.exe

R3 TNET1130;802.11 WLAN;C:\WINDOWS\system32\DRIVERS\TNET1130.sys
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{484F4D45-3248-4f4d-4532-484F4D453248}]
C:\WINDOWS\system32\udsacoot.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-11-18 04:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-18 05:06:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-18 5:07:37
C:\ComboFix2.txt ... 2007-11-15 21:17
C:\ComboFix3.txt ... 2007-11-15 02:36
.
--- E O F ---
ComboFix 07-11-08.1 - user 2007-11-15 21:08:33.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.347 [GMT 0:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\user\Desktop\CFscript.txt
* Created a new restore point

FILE
C:\WINDOWS\bonrep.dll
C:\WINDOWS\ipwypktx.dll
C:\WINDOWS\kbdctrl.dll
C:\WINDOWS\neobus.dll
C:\WINDOWS\qdertu.exe
C:\WINDOWS\system32\ahroxun-edat.exe
C:\WINDOWS\system32\udsacoot.exe
.

Unable to gain System Privileges

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\user\Desktop\Error Cleaner.url
C:\Documents and Settings\user\Desktop\Favorites\Error Cleaner.url
C:\Documents and Settings\user\Desktop\Favorites\Privacy Protector.url
C:\Documents and Settings\user\Desktop\Favorites\Spyware&Malware Protection.url
C:\Documents and Settings\user\Desktop\Privacy Protector.url
C:\Documents and Settings\user\Desktop\Spyware&Malware Protection.url
C:\WINDOWS\bonrep.dll
C:\WINDOWS\dat.txt
C:\WINDOWS\ipwypktx.dll
C:\WINDOWS\kbdctrl.dll
C:\WINDOWS\neobus.dll
C:\WINDOWS\privacy_danger
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\privacy_danger\index.htm
C:\WINDOWS\qdertu.exe
C:\WINDOWS\rs.txt
C:\WINDOWS\search_res.txt
C:\WINDOWS\system32\ahroxun-edat.exe . . . . failed to delete
C:\WINDOWS\system32\udsacoot.exe . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2007-10-15 to 2007-11-15 )))))))))))))))))))))))))))))))
.

2007-11-15 00:19 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-12 23:08 <DIR> d-------- C:\Deckard
2007-11-11 20:38 3,702 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-11 20:23 <DIR> d-------- C:\WINDOWS\system\SmitfraudFix
2007-11-11 20:22 1,043,074 --a------ C:\WINDOWS\system\SmitfraudFix.exe
2007-11-11 20:10 <DIR> d-------- C:\Program Files\SmitfraudFix
2007-11-11 19:37 <DIR> d-------- C:\SmitfraudFix
2007-11-08 02:36 <DIR> d-------- C:\WINDOWS\system32\runtime
2007-11-08 02:36 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2007-11-08 02:36 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-11-08 02:36 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-11-07 22:37 52,496 --a------ C:\WINDOWS\system32\drivers\tmactmon.sys
2007-11-07 22:37 52,368 --a------ C:\WINDOWS\system32\drivers\tmevtmgr.sys
2007-11-07 22:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2007-11-07 20:48 <DIR> d-------- C:\Program Files\Trend Micro

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-15 21:15 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac.exe
2007-11-15 14:51 --------- d-----w C:\Documents and Settings\user\Application Data\PlayFirst
2007-11-09 13:46 401,720 ----a-w C:\Program Files\hijack.exe
2007-11-08 02:36 --------- d-----w C:\Program Files\SilverCreekCommonFiles
2007-11-08 02:36 --------- d-----w C:\Program Files\Google
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\user\Application Data\AOL
2007-11-08 02:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2007-11-08 02:35 --------- d-----w C:\Program Files\Common Files\AOL
2007-11-07 23:13 --------- d-----w C:\Program Files\MSN Messenger
2007-11-07 19:55 67,777 ----a-w C:\Program Files\log malware.txt
2007-11-07 16:23 --------- d-----w C:\Documents and Settings\user\Application Data\LimeWire
2007-10-29 13:30 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(251).exe
2007-10-29 12:35 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(252).exe
2007-10-29 10:53 --------- d-----w C:\Program Files\Windows Live
2007-10-29 10:49 --------- d-----w C:\Program Files\Hardwood Spades
2007-10-29 10:26 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(253).exe
2007-10-29 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-10-28 22:08 --------- d-----w C:\Program Files\Common Files\Real
2007-10-23 21:19 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(245).exe
2007-10-23 15:36 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(246).exe
2007-10-23 15:06 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(247).exe
2007-10-23 14:45 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(248).exe
2007-10-23 14:32 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(249).exe
2007-10-22 21:05 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(250).exe
2007-09-28 08:42 65,936 ----a-w C:\WINDOWS\system32\drivers\tmtdi.sys
2007-09-28 08:42 36,112 ----a-w C:\WINDOWS\system32\drivers\tmpreflt.sys
2007-09-28 08:42 333,328 ----a-w C:\WINDOWS\system32\drivers\TM_CFW.sys
2007-09-28 08:42 203,024 ----a-w C:\WINDOWS\system32\drivers\tmxpflt.sys
2007-09-28 08:42 138,512 ----a-w C:\WINDOWS\system32\drivers\tmcomm.sys
2007-09-28 08:42 1,126,328 ----a-w C:\WINDOWS\system32\drivers\vsapint.sys
2007-09-18 18:52 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-09-18 18:52 --------- d-----w C:\Program Files\Trymedia
2007-09-18 18:52 --------- d-----w C:\Program Files\Silver Creek Installer
2007-09-18 18:52 --------- d-----w C:\Program Files\Hardwood Backgammon
2007-09-18 18:52 --------- d-----w C:\Program Files\Common Files\CasinoVegasShared
2007-09-18 18:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-18 18:51 --------- d-----w C:\Program Files\namtai_eyetoy_drivers
2007-09-18 18:48 --------- d-----w C:\Program Files\KYE
2007-09-18 18:48 --------- d-----w C:\Program Files\Common Files\snpstd
2007-09-18 15:43 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(136).exe
2007-09-18 14:52 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(137).exe
2007-09-18 13:05 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(138).exe
2007-09-18 12:00 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(139).exe
2007-09-18 08:31 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(140).exe
2007-09-17 20:37 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(141).exe
2007-09-17 08:06 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(142).exe
2007-09-17 07:47 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(143).exe
2007-09-16 20:09 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(144).exe
2007-09-16 16:57 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(145).exe
2007-09-16 13:25 30,489 ----a-w C:\WINDOWS\system32\ekvakuh-easac(146).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(244).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(243).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(242).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(241).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(240).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(239).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(238).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(237).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(236).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(235).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(234).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(233).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(232).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(231).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(230).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(229).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(228).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(227).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(226).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(225).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(224).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(223).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(222).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(221).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(220).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(219).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(218).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(217).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(216).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(215).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(214).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(213).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(212).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(211).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(210).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(209).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(208).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(207).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(206).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(205).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(204).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(203).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(202).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(201).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(200).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(199).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(198).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(197).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(196).exe
2007-09-16 13:25 30,489 ----a-r C:\WINDOWS\system32\ekvakuh-easac(195).exe
2007-05-28 20:41:22 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052120070528\index.dat
2007-05-28 20:41:22 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052820070529\index.dat
2007-05-29 20:49:39 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052920070530\index.dat
2007-05-30 19:12:14 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053020070531\index.dat
2007-05-31 19:38:44 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053120070601\index.dat
2007-06-02 18:05:32 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007060220070603\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

- Not a PE file.

---- Directory of C:\WINDOWS\system32\runtime ----



((((((((((((((((((((((((((((( snapshot@2007-11-15_ 2.35.38.82 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-11-15 02:34:11 65,536 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2007-11-15 21:15:10 65,536 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-11-15 02:34:11 131,072 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2007-11-15 21:15:10 131,072 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-11-15 02:34:11 819,200 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-11-15 21:15:10 819,200 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-11-15 02:34:12 24,064 ----a-w C:\WINDOWS\Temp\ouxtikeah.dll
+ 2007-11-15 21:15:10 24,064 ----a-w C:\WINDOWS\Temp\ouxtikeah.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 08:48 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 10:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-12 05:19]
"nwiz"="nwiz.exe" [2006-07-12 05:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 05:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [2007-03-22 17:54]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-22 08:05]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 05:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 08:21]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-09-07 08:17]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-28 22:08]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2007-09-28 08:42]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-08-16 15:19]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00]
"Aim6"="C:\Program Files\AIM6\aim6.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\[u]0[/u]]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B}]
C:\WINDOWS\system32\atpakib-deas.dll 2006-02-28 12:00 5120 C:\WINDOWS\system32\atpakib-deas.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\explorer.exe]
Debugger=C:\WINDOWS\system32\ahroxun-edat.exe

S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys
S3 TNET1130;802.11 WLAN;C:\WINDOWS\system32\DRIVERS\TNET1130.sys


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{484F4D45-3248-4f4d-4532-484F4D453248}]
C:\WINDOWS\system32\udsacoot.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-11-15 20:47:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-15 21:15:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-15 21:17:15 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-15 02:36
.
--- E O F ---

ComboFix 08-01-03.4 - user 2008-01-11 20:25:51.8 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.543 [GMT 0:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\user\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-12-11 to 2008-01-11 )))))))))))))))))))))))))))))))
.

2008-01-10 04:28 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-01-10 04:27 . 2008-01-10 04:27 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-09 17:51 . 2008-01-09 17:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-09 17:51 . 2008-01-09 17:51 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-04 11:19 . 2008-01-05 10:09 1,309 --a------ C:\WINDOWS\mozver.dat
2008-01-03 23:03 . 2008-01-04 03:07 <DIR> d-------- C:\Documents and Settings\user\Application Data\ArcSoft
2008-01-03 21:54 . 2004-08-03 23:10 78,464 --a------ C:\WINDOWS\system32\drivers\usbvideo.sys
2008-01-03 21:54 . 2004-08-03 23:10 78,464 --a--c--- C:\WINDOWS\system32\dllcache\usbvideo.sys
2008-01-03 21:54 . 2004-08-04 00:56 20,992 --a------ C:\WINDOWS\system32\dshowext.ax
2008-01-03 21:54 . 2004-08-04 00:56 20,992 --a--c--- C:\WINDOWS\system32\dllcache\dshowext.ax
2008-01-03 21:51 . 2008-01-03 21:51 <DIR> d-------- C:\Program Files\Common Files\ArcSoft
2008-01-03 21:51 . 2005-02-23 14:58 11,776 --a------ C:\WINDOWS\system32\drivers\afc.sys
2008-01-03 21:50 . 2008-01-04 03:04 <DIR> d-------- C:\Program Files\ArcSoft
2008-01-03 02:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-03 02:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-03 02:32 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-03 02:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-03 02:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-03 02:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-31 21:26 . 2007-12-31 21:26 <DIR> d-------- C:\Program Files\Java
2007-12-31 21:26 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-26 10:52 . 2008-01-11 20:30 4,188,192 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-26 10:52 . 2008-01-11 18:41 49,652 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-26 10:44 . 2007-12-26 10:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-12-24 09:44 . 2007-12-24 09:44 <DIR> d-------- C:\Program Files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-11 19:44 --------- d-----w C:\Program Files\Windows Live
2008-01-10 04:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-10 02:42 67,777 ----a-w C:\Program Files\log malware.txt
2008-01-10 01:58 162 ---ha-w C:\Program Files\~$g malware.txt
2008-01-04 03:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-03 02:33 3,816 ----a-w C:\WINDOWS\system32\tmp.reg
2007-12-24 10:22 9,605 ----a-w C:\Program Files\hijackthis.log
2007-12-20 14:24 --------- d-----w C:\Program Files\Google
2007-11-21 21:10 --------- d-----w C:\Program Files\Driving Test Success Plus
2007-11-21 12:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-15 14:51 --------- d-----w C:\Documents and Settings\user\Application Data\PlayFirst
2007-11-14 16:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2007-11-14 16:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-11 20:10 --------- d-----w C:\Program Files\SmitfraudFix
2007-11-09 13:46 401,720 ----a-w C:\Program Files\hijack.exe
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-18 11:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-07-17 01:51 123,461 ----a-w C:\Program Files\Common Files\Hewlett-Packard.zip
2007-07-05 00:27 1,708,148 ----a-w C:\Documents and Settings\All Users\Documents.zip
2007-06-06 02:21 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-05-08 11:08 31,248 ----a-w C:\Program Files\tmpreflt.sys
2007-05-08 11:08 252,128 ----a-w C:\Program Files\Tmfilter.sys
2007-05-08 11:08 197,648 ----a-w C:\Program Files\tmxpflt.sys
2007-05-08 11:08 1,051,456 ----a-w C:\Program Files\VsapiNT.sys
2007-03-23 12:57 132 ----a-w C:\Documents and Settings\user\Application Data\wklnhst.dat
2004-06-22 08:04 94,438 ------w C:\Program Files\hposcu08.inf
2004-06-22 08:04 9,777 ------w C:\Program Files\hpzipr13.inf
2004-06-22 08:04 9,773 ------w C:\Program Files\hpousc08.inf
2004-06-22 08:04 70,656 ------w C:\Program Files\msvcirt.dll
2004-06-22 08:04 7,579 ------w C:\Program Files\hpound08.inf
2004-06-22 08:04 66,431 ------w C:\Program Files\hpoprl04.dat
2004-06-22 08:04 65,420 ------w C:\Program Files\hpoprl05.dat
2004-06-22 08:04 65 ------w C:\Program Files\dxprl.dat
2004-06-22 08:04 6,704 ------w C:\Program Files\hpounp08.inf
2004-06-22 08:04 53,670 ------w C:\Program Files\hposcu08.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\hpzius13.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\HPZius12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzipr13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZipr12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzid413.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZid412.cat
2004-06-22 08:04 51,026 ------w C:\Program Files\HPOunp08.cat
2004-06-22 08:04 50,615 ------w C:\Program Files\hpzid412.inf
2004-06-22 08:04 5,538 ------w C:\Program Files\hpzist12.inf
2004-06-22 08:04 49,212 ------w C:\Program Files\hpzjvp01.dll
2004-06-22 08:04 458,752 ------w C:\Program Files\tls704d.dll
2004-06-22 08:04 447,400 ------w C:\Program Files\hpoprn08.cat
2004-06-22 08:04 442,425 ------w C:\Program Files\hpzjpp01.dll
2004-06-22 08:04 4,779 ------w C:\Program Files\hpoglu08.inf
2004-06-22 08:04 4,768 ------w C:\Program Files\hpoprl01.dat
2004-06-22 08:04 4,144 ------w C:\Program Files\hpousb08.inf
2004-06-22 08:04 4,132 ------w C:\Program Files\hpzist13.inf
2004-06-22 08:04 4,014 ------w C:\Program Files\hpoprl08.dat
2004-06-22 08:04 399 ------w C:\Program Files\hpzprl01.dat
2004-06-22 08:04 314 ------w C:\Program Files\hpqprl01.dat
2004-06-22 08:04 3,448 ------w C:\Program Files\hpohub08.inf
2004-06-22 08:04 297 ------w C:\Program Files\Readme.html
2004-06-22 08:04 290,873 ------w C:\Program Files\hpzjut01.dll
2004-06-22 08:04 28,722 ------w C:\Program Files\hpzjlog.dll
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzglu10.exe
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzc3212.dll
2004-06-22 08:04 26,768 ------w C:\Program Files\usbhub.sys
2004-06-22 08:04 254,005 ------w C:\Program Files\msvcrt.dll
2004-06-22 08:04 22,636 ------w C:\Program Files\hpzid413.inf
2004-06-22 08:04 22,608 ------w C:\Program Files\usbprint.sys
2004-06-22 08:04 205 ------w C:\Program Files\hpzprl02.dat
2004-06-22 08:04 200,704 ------w C:\Program Files\hpzpnp10.dll
2004-06-22 08:04 20,168 ------w C:\Program Files\hpzius12.inf
2004-06-22 08:04 2,542 ------w C:\Program Files\hpoprl02.dat
2004-06-22 08:04 19,578 ------w C:\Program Files\hpoprl03.dat
2004-06-22 08:04 176,128 ------w C:\Program Files\hpzscr10.dll
2004-06-22 08:04 17,176 ------w C:\Program Files\hpomdl04.dat
2004-06-22 08:04 16,416 ------w C:\Program Files\HPZUCI12.DLL
2004-06-22 08:04 14,845 ------w C:\Program Files\hpoapd01.dat
2004-06-22 08:04 14,815 ------w C:\Program Files\hpzius13.inf
2004-06-22 08:04 137,124 ------w C:\Program Files\hpoprn08.inf
2004-06-22 08:04 12,922 ------w C:\Program Files\hpzipr12.inf
2004-06-22 08:04 12,288 ------w C:\Program Files\usbmon.dll
2004-06-22 08:04 1,980 ------w C:\Program Files\hpoprl07.dat
2004-06-22 08:04 1,479 ------w C:\Program Files\license.txt
2004-06-22 08:04 1,391 ------w C:\Program Files\readme.txt
2004-06-22 08:04 1,073,152 ------w C:\Program Files\Setup.exe
2004-03-17 17:13 1,028,368 ----a-w C:\Program Files\vbrun60sp6.exe
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052120070528\index.dat
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052820070529\index.dat
2007-05-29 20:49 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052920070530\index.dat
2007-05-30 19:12 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053020070531\index.dat
2007-05-31 19:38 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053120070601\index.dat
2007-06-02 18:05 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007060220070603\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Program Files\Common Files\xing shared ----

2007-10-28 22:09 352256 --a------ C:\Program Files\Common Files\xing shared\mpeg encode\xmencmp3.dll

---- Directory of C:\Program Files\SilverCreekCommonFiles ----

2007-09-02 21:03 360642 --a------ C:\Program Files\SilverCreekCommonFiles\Decks\xmas.hwdck
2007-06-24 08:08 106147 --a------ C:\Program Files\SilverCreekCommonFiles\Decks\Big Head.hwdck


((((((((((((((((((((((((((((( snapshot_2008-01-03_ 2.42.04.42 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-05 17:18:44 29,926 ----a-r C:\WINDOWS\Installer\{508CE775-4BA4-4748-82DF-FE28DA9F03B0}\MsblIco.Exe
+ 2008-01-10 04:26:13 29,926 ----a-r C:\WINDOWS\Installer\{508CE775-4BA4-4748-82DF-FE28DA9F03B0}\MsblIco.Exe
- 2007-06-18 17:03:33 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
+ 2008-01-09 22:44:26 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
- 1995-07-31 12:44:46 212,480 ----a-w C:\WINDOWS\PCDLIB32.DLL
+ 1995-08-01 04:44:46 212,480 ----a-w C:\WINDOWS\PCDLIB32.DLL
+ 2007-10-11 14:12:48 1,468,968 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2007-11-21 00:52:38 2,884,992 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-21 00:52:40 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-01-03 13:50:20 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
+ 2006-10-24 12:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-10-16 16:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
- 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-16 16:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
- 2003-04-21 13:09:50 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
+ 2005-04-27 16:36:00 245,408 ----a-r C:\WINDOWS\system32\unicows.dll
+ 2006-10-24 12:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll
+ 2006-10-24 12:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll
+ 2006-10-24 12:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll
- 2008-01-03 02:11:29 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2008-01-11 18:11:32 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 08:48 16208384 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 10:04 2879488 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-12 05:19 7626752]
"nwiz"="nwiz.exe" [2006-07-12 05:19 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 05:19 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [2007-03-22 17:54 1150976]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-22 08:05 172032]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 05:00 98304]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 08:21 65536]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-09-07 08:17 200704]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48 286720]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2007-09-28 08:42 1393928]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-28 22:08 185632]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 12:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]

R3 TNET1130;802.11 WLAN;C:\WINDOWS\system32\DRIVERS\TNET1130.sys [2004-12-01 18:35]
S0 twvxlvwr;twvxlvwr;C:\WINDOWS\system32\drivers\gwytwpdy.sys []
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys [2002-03-09 16:42]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm

.
Contents of the 'Scheduled Tasks' folder
"2008-01-11 19:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-01-11 18:14:56 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B5DE7115-B5F8-42C9-8237-2669F45FD293}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-11 20:30:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\PROGRA~1\ArcSoft\PHOTOI~1\share\pihook.dll
.
Completion time: 2008-01-11 20:32:17
ComboFix-quarantined-files.txt 2008-01-11 20:32:10
ComboFix2.txt 2008-01-10 03:48:34
ComboFix3.txt 2008-01-03 02:42:35
ComboFix4.txt 2007-11-19 04:43:07
ComboFix5.txt 2007-11-18 05:07:40
.
2007-12-13 03:04:41 --- E O F ---
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 14th, 2008, 10:57 am

Hello jemma_79

are you still having problems booting into safe mode and what are the problems you are experiencing now?


Download and Install SuperAntiSpyware Free
  • Launch SuperAntiSpyware
  • Click Check for Updates and update to the latest definitions.
  • Click Scan your Computer
    • Check all boxes in the Scan Location box.
    • Check the Complete Scan radio button.
    • Click Scanning Preferences/Control Centre button.
      • Uncheck Ignore files larger than 4MB (recommended)
      • Check Scan Alternate Data Streams.
      • Click Close.
    • Click Next
  • SuperAntiSpyware will now scan your computer for infection. (This could take in excess of an hour depending on the number of files scanned)
  • When finished it will present you with a summary of its findings.
  • Click OK.
  • The Removal Screen will open.
    • Check the items in the list to mark them for Quarantine.
    • Click Next and SAS will Quarantine them.
Please send me the log.
  • Click the Preferences button.
    • Click the Statistics/Logs tab.
      • Logs are listed by date and time, click on the latest one to highlight it (at the top).
      • Click View log.
    • This will open a log page.
    • Copy/Paste the contents in your next post please.
CAUTION: SuperAntiSpyware comes with a program called Bootsafe, do not for any reason use this program , if used on an infected computer it could render it UNBOOTABLE.



:Run Kaspersky Online AV Scanner:

Order to use it you have to use Internet Explorer.
Go to Kaspersky and click the Accept button at the end of the page.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.
  • Read the Requirements and limitations before you click Accept.
  • Allow the ActiveX download if necessary.
  • Once the database has downloaded, click Next.
  • Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
  • Click on "My Computer"
  • When the scan has completed, click Save Report As...
  • Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
  • Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.

Copy and paste the report into your next reply



send me the log from SAS
and the log from Kaspersky



Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 14th, 2008, 5:26 pm

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, January 14, 2008 9:19:58 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 14/01/2008
Kaspersky Anti-Virus database records: 510798
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Scan Statistics:
Total number of scanned objects: 75778
Number of viruses found: 13
Number of infected objects: 2167
Number of suspicious objects: 0
Duration of the scan process: 01:27:42

Infected Object Name / Virus Name / Last Action
C:\Deckard\System Scanner\20071121205224\backup\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.a skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Documents\Documents\My Music\AOL 9.0a\update.exe Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\Documents and Settings\All Users\Documents.zip/Documents/My Music/AOL 9.0a/update.exe Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\Documents and Settings\All Users\Documents.zip ZIP: infected - 1 skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\123[1].htm.bac_a02476/packed Infected: Exploit.Win32.IMG-ANI.ak skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\123[1].htm.bac_a02476 GZIP: infected - 1 skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\123[1].htm.bac_a02476 CryptFF.b: infected - 1 skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\640178de-1b7bdbd3.bac_a02124 Infected: Exploit.Java.Gimsh.a skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a00304 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a00408 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a02140 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a02476 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a03820 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll㴘ਲ਼.bac_a03944 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\do.exe.bac_a02476 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ibm00005.dll.bac_a02124 Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\java.class-4ef464a-1f63b88d.class.bac_a02124 Infected: Exploit.Java.Gimsh.a skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ouxtikeah.dll.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ouxtikeah.dll.bac_a02476 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ouxtikeah.dll.bac_a03944 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(10).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(11).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(12).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(13).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(14).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(15).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(16).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(17).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(18).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(19).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(2).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(20).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(21).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(22).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(23).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(24).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(25).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(26).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(27).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(28).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(29).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(3).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(30).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(31).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(32).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(33).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(34).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(35).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(36).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(37).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(38).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(39).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(4).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(40).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(41).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(42).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(43).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(44).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(45).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(46).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(47).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(5).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(6).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(7).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(8).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(9).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot.exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot.exe.bac_a03820 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot.exe.bac_a03944 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\win32[1].exe.bac_a02476 Infected: Email-Worm.Win32.Zhelatin.da skipped
C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\user\Application Data\tmp3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\user\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\user\ntuser.dat Object is locked skipped
C:\Documents and Settings\user\ntuser.dat.LOG Object is locked skipped
C:\Program Files\MSN Messenger\msimg32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Program Files\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\100.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\101.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\102.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\103.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\104.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\105.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\106.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\107.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\108.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\109.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\110.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\111.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\112.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\113.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\114.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\115.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\116.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\117.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\118.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\119.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\120.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\121.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\122.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\123.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\124.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\125.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\126.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\127.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\128.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\129.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\130.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\131.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\132.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\133.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\134.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\135.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\136.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\137.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\138.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\139.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\140.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\141.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\142.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\143.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\144.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\145.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\146.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\147.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\148.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\149.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\150.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\151.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\152.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\153.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\154.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\155.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\156.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\157.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\158.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\159.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\160.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\161.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\162.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\163.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\164.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\165.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\166.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\167.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\168.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\169.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\170.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\171.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\172.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\173.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\174.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\175.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\176.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\177.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\178.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\179.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\180.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\181.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\182.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\183.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\184.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\185.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\186.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\187.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\188.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\189.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\190.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\191.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\192.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\193.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\194.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\195.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\196.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\197.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\198.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\199.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D8.tmp Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DA.tmp Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\200.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\201.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\202.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\203.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\204.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\205.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\206.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\207.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\208.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\209.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\210.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\211.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\212.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\213.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\214.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\215.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\216.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\217.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\218.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\219.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\220.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\221.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\222.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\223.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\224.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\225.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\226.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\227.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\228.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\229.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\230.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\231.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\232.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\233.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\234.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\235.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\236.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\237.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\238.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\239.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\240.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\241.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\242.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\243.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\244.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\245.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\246.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\247.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\248.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\249.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\250.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\251.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\252.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\253.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\254.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\255.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\256.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\257.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\258.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\259.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\260.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\261.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\262.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\263.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\264.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\265.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\266.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\267.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\268.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\269.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\270.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\271.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\272.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\273.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\274.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\275.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\276.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\277.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\278.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\279.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\280.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\281.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\282.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\283.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\284.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\285.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\286.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\287.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\288.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\289.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\290.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\291.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\292.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\293.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\294.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\295.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\296.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\297.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\298.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\299.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\300.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\301.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\302.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\303.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\304.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\305.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\306.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\307.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\308.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\309.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\310.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\311.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\312.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\313.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\314.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\315.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\316.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\317.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\318.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\319.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\320.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\321.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\322.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\323.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\324.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\325.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\326.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\327.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\328.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\329.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\330.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\331.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\332.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\333.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\334.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\335.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\336.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\337.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\338.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\339.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\340.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\341.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\342.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\343.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\344.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\345.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\346.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\347.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\348.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\349.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\350.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\351.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\352.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\353.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\354.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\355.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\356.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\357.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\358.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\359.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\360.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\361.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\362.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\363.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\364.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\365.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\366.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\367.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\368.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\369.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\370.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\371.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\372.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\373.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\374.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\375.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\376.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\377.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\378.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\379.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\380.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\381.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\382.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\383.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\384.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\385.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\386.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\387.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\388.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\389.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\390.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\391.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\392.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\393.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\394.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\395.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\396.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\397.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\398.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\399.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\400.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\401.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\402.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\403.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\404.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\405.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\406.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\407.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\408.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\409.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\410.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\411.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\412.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\413.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\414.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\415.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\416.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\417.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\418.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\419.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\420.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\421.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\422.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\423.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\424.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\425.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\426.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\427.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\428.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\429.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\430.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\431.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\432.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\433.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\434.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\435.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\436.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\437.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\438.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\439.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\440.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\441.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\442.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\443.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\444.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\445.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\446.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\447.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\448.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\449.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\450.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\451.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\452.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\453.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\454.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\455.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\456.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\457.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\458.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\459.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\460.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\461.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\462.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\463.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\464.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\465.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\466.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\467.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\468.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\469.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\470.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\471.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\472.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\473.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\474.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\475.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\476.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\477.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\478.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\479.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\480.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\481.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\482.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\483.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\484.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\485.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\486.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\487.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\488.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\489.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\49.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\495.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\496.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\497.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\498.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\49B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C5.tmp Infected: Trojan-Downloader.Win32.Delf.dgj skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/ahroxun-edat.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/atpakib-deas.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/ekvakuh-easac.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/udsacoot.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/ouxtikeah.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp ZIP: infected - 5 skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp CryptFF.b: infected - 5 skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\50.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\51.tmp Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\52.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\53.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\54.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\55.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\56.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\57.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\58.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\59.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\60.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\61.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\62.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\63.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\64.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\65.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\66.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\67.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\68.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\69.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\70.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\71.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\72.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\73.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\74.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\75.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\76.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\77.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\78.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\79.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\80.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\81.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\82.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\83.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\84.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\85.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\86.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\87.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\88.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\89.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\90.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\91.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\92.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\93.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\94.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\95.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\96.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\97.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\98.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\99.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0233312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0234312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0235312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0236312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0237312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0238312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0266461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0267460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0268460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0269460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0270461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0271461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0272461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273542.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273579.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273598.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273614.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273632.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273648.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273665.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273683.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273958.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273975.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0274003.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0274025.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0274045.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\ouxtikeah.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217265.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217267.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217290.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217291.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217317.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217319.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217345.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217347.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217694.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217695.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217703.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217705.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217712.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217714.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217721.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217722.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217731.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP351\A0217732.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217741.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217742.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217750.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217751.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217759.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217760.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217769.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP352\A0217771.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217778.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217779.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217788.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217789.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217797.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217798.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217805.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217808.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217816.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217818.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217825.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217827.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217836.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP353\A0217838.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217845.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217847.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217854.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217855.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217863.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217865.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217873.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217875.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217885.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP354\A0217887.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP355\A0217897.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP355\A0217898.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217930.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217931.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217933.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217934.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217936.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217937.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217939.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217940.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217942.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217943.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217945.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217946.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217948.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217951.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217959.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217960.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217969.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217970.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217982.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217983.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217997.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0217998.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218006.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218008.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218029.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218031.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218056.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218058.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218066.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218067.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218080.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218082.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218089.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0218090.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0219089.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP356\A0219090.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP357\A0219099.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP357\A0219100.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP357\A0219115.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP357\A0219116.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219138.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219141.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219153.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219154.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219162.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219163.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219175.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219176.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219186.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219187.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219197.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP358\A0219198.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0219580.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0219582.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0219605.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0219606.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220605.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220607.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220616.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220617.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220625.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220626.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220686.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP360\A0220687.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP366\A0221000.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP366\A0221002.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP366\A0221013.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP366\A0221014.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP366\A0221025.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP366\A0221026.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221062.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221063.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221065.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221066.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221068.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221069.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221078.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221080.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221090.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221091.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221106.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221107.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221120.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221122.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221128.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221131.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221138.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221139.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221152.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221154.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221159.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221160.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221177.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221178.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221186.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221188.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221196.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221197.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221228.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221230.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221237.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0221238.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222237.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222238.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222253.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222255.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222262.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222263.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222271.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222272.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222280.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222281.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222289.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222291.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222307.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP367\A0222308.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222316.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222317.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222340.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222341.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222349.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222351.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222362.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222364.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222373.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222375.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222386.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222387.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222395.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222396.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222404.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222406.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222414.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP368\A0222417.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222435.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222436.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222446.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222448.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222455.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222456.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222464.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222466.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222473.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0222475.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0223473.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0223474.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0223482.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0223484.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0223494.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP369\A0223496.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223513.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223515.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223547.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223549.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223556.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223558.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223578.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223579.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0224578.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0224579.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0224601.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0224602.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP371\A0224953.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP371\A0224954.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP372\A0225003.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP372\A0225004.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP373\A0226002.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP373\A0226005.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP373\A0227003.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP373\A0227004.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227470.dll Infected: not-a-virus:AdWare.Win32.Vapsup.kz skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227677.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227678.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227682.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227683.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227687.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227688.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0228277.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0228278.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0228292.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0228293.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0229291.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0229294.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0229309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0229310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0230309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0230310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0231309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0231310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0232309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0232310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0233309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0233311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0234309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0234311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0235308.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0235311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0236309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0236311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0237309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0237310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0238309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0238311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0239309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0239311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0240309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0240310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0241309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0241310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0242309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0242310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0243309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0243310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0244309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0244310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0245309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0245311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0246309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0246311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0247309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0248309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0248310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0249309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0249311.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0250309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0250310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0251309.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0251310.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0251323.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0251324.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0252323.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0252325.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0253323.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0253324.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0254323.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0254325.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0254336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0254338.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0255336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0255337.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0256336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0256337.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0257336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0257337.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0258336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0258338.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0259336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0259338.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0260336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0260337.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0261336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0261337.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0262336.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0262337.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0262357.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0262359.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0263357.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0263359.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0264357.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0264358.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0264369.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0264372.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0265370.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP375\A0265372.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265382.dll Infected: Trojan-Downloader.Win32.Agent.bfj skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265390.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265392.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265440.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265441.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0266458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0266459.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0267458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0267459.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0268458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0268459.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0269458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0269459.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0270458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0270460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0271458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0271460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0272458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0272459.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0273458.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0273459.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP377\A0273479.dll Infected: not-a-virus:AdWare.Win32.Vapsup.kz skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP377\A0273495.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP377\A0273539.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP377\A0273541.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273576.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273578.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273595.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273596.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273612.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273613.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273629.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273631.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273645.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273647.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273662.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273663.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273680.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP378\A0273682.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273692.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273693.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273694.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273695.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273696.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273697.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273698.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273699.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273700.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273701.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273702.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273703.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273704.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273705.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273706.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273707.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273708.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273709.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273710.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273711.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273712.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273713.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273714.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273715.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273716.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273717.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273718.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273719.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273720.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273721.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273722.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273723.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273724.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273725.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273726.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273727.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273728.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273729.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273730.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273731.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273732.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273733.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273734.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273735.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273736.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273737.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273738.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273739.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273740.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273741.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273742.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273743.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273744.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273745.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273746.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273747.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273748.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273749.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273750.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273751.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273752.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273753.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273754.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273755.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273756.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273757.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273758.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273759.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273760.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273761.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273762.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273763.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273764.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273765.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273766.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273767.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273768.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273769.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273770.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273771.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273772.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273773.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273774.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273775.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273776.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273777.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273778.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273779.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273780.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273781.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273782.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273783.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273784.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273785.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273786.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273787.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273788.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273789.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273790.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273791.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273792.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273793.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273794.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273795.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273796.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273797.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273798.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273799.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273800.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273801.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273802.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273803.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273804.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273805.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273806.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273807.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273808.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273809.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273810.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273811.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273812.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273813.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273814.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273815.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273816.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273817.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273818.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273819.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273820.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273821.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273822.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273823.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273824.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273825.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273826.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273827.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273828.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273829.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273830.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273831.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273832.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273833.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273834.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273835.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273836.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273837.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273838.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273839.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273840.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273841.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273842.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273843.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273844.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273845.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273846.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273847.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273848.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273849.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273850.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273851.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273852.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273853.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273854.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273855.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273856.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273857.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273858.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273859.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273860.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273861.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273862.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273863.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273864.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273865.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273866.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273867.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273868.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273869.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273870.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273871.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273872.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273873.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273874.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273875.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273876.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273877.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273878.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273879.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273880.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273881.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273882.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273883.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273884.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273885.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273886.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273887.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273888.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273889.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273890.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273891.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273892.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273893.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273894.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273895.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273896.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273897.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273898.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273899.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273900.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273901.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273902.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273903.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273904.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273905.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273906.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273907.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273908.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273909.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273910.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273911.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273912.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273913.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273914.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273915.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273916.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273917.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273918.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273919.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273920.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273921.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273922.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273923.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273924.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273925.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273926.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273927.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273928.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273929.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273930.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273931.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273932.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273933.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273934.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273935.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273936.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273937.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273938.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273939.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273940.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273941.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273942.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273943.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273955.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273957.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273972.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0273973.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0274000.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0274001.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0274022.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP379\A0274023.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP405\A0294510.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP428\A0301620.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP428\A0301620.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP428\A0301620.exe RarSFX: infected - 2 skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP444\A0308950.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP446\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\djb.exe Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\WINDOWS\fseob.exe Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\HOME2.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\md.exe Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\WINDOWS\qdtkq.exe Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\WINDOWS\system32\ahroxun-edat(10).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(100).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(101).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(102).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(103).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(104).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(105).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(106).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(107).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(108).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(109).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(11).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(110).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(111).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(112).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(113).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(114).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(115).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(116).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(117).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(118).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(119).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(12).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(120).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(121).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(122).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(123).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(124).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(125).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(126).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(127).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(128).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(129).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(13).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(130).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(131).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(132).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(133).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(134).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(135).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(136).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(137).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(138).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(139).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(14).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(140).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(141).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(142).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(143).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(144).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(145).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(146).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(147).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(148).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(149).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(15).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(150).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(151).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(152).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(153).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(154).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(155).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(156).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(157).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(158).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(159).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(16).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(160).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(161).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(162).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(163).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(164).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(165).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(166).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(167).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(168).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(169).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(17).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(170).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(171).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(172).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(173).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(174).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(175).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(176).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(177).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(178).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(179).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(18).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(180).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(181).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(182).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(183).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(184).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(185).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(186).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(187).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(188).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(189).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(19).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(190).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(191).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(192).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(193).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(194).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(195).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(196).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(197).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(198).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(199).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(2).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(20).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(200).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(201).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(202).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(203).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(204).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(205).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(206).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(207).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(208).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(209).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(21).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(210).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(211).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(212).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(213).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(214).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(215).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(216).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(217).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(218).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(219).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(22).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(220).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(221).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(222).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(223).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(224).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(225).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(226).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(227).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(228).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(229).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(23).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(230).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(231).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(232).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(233).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(24).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(25).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(26).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(27).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(28).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(29).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(3).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(30).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(31).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(32).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(33).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(34).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(35).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(36).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(37).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(38).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(39).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(4).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(40).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(41).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(42).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(43).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(44).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(45).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(46).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(47).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(48).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(49).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(5).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(50).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(51).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(52).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(53).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(54).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(55).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(56).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(57).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(58).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(59).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(6).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(60).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(61).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(62).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(63).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(64).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(65).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(66).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(67).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(68).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(69).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(7).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(70).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(71).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(72).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(73).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(74).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(75).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(76).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(77).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(78).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(79).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(8).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(80).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(81).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(82).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(83).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(84).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(85).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(86).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(87).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(88).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(89).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(9).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(90).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(91).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(92).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(93).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(94).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(95).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(96).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(97).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(98).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\ahroxun-edat(99).exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\ZLT01b08.TMP Object is locked skipped
C:\WINDOWS\TEMP\ZLT06c5f.TMP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\yq.exe Infected: Trojan-Downloader.Win32.Small.eig skipped

Scan process completed.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/14/2008 at 07:03 PM

Application Version : 3.9.1008

Core Rules Database Version : 3379
Trace Rules Database Version: 1373

Scan type : Complete Scan
Total Scan Time : 01:32:46

Memory items scanned : 400
Memory threats detected : 0
Registry items scanned : 5589
Registry threats detected : 0
File items scanned : 72735
File threats detected : 82

Adware.Tracking Cookie
C:\Documents and Settings\user\Cookies\user@statcounter[1].txt
C:\Documents and Settings\user\Cookies\user@www.adult-empire[2].txt
C:\Documents and Settings\user\Cookies\user@counter7.sextracker[1].txt
C:\Documents and Settings\user\Cookies\user@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\user\Cookies\user@yadro[1].txt
C:\Documents and Settings\user\Cookies\user@counter3.sextracker[1].txt
C:\Documents and Settings\user\Cookies\user@server.iad.liveperson[1].txt
C:\Documents and Settings\user\Cookies\user@webpower[1].txt
C:\Documents and Settings\user\Cookies\user@aoluk.122.2o7[1].txt
C:\Documents and Settings\user\Cookies\user@image.masterstats[1].txt
C:\Documents and Settings\user\Cookies\user@2o7[2].txt
C:\Documents and Settings\user\Cookies\user@adrevolver[1].txt
C:\Documents and Settings\user\Cookies\user@carphonewarehouse.112.2o7[1].txt
C:\Documents and Settings\user\Cookies\user@www.belstat[1].txt
C:\Documents and Settings\user\Cookies\user@stopzilla[1].txt
C:\Documents and Settings\user\Cookies\user@ads.aol.co[1].txt
C:\Documents and Settings\user\Cookies\user@www.3xtoplist[1].txt
C:\Documents and Settings\user\Cookies\user@ad.yieldmanager[1].txt
C:\Documents and Settings\user\Cookies\user@tribalfusion[1].txt
C:\Documents and Settings\user\Cookies\user@myxxxinterracial[2].txt
C:\Documents and Settings\user\Cookies\user@atdmt[2].txt
C:\Documents and Settings\user\Cookies\user@microsoftwlmessengermkt.112.2o7[1].txt
C:\Documents and Settings\user\Cookies\user@sextracker[2].txt
C:\Documents and Settings\user\Cookies\user@media.adrevolver[1].txt
C:\Documents and Settings\user\Cookies\user@xxxcounter[2].txt
C:\Documents and Settings\user\Cookies\user@counter5.sextracker[1].txt
C:\Documents and Settings\user\Cookies\user@tradedoubler[2].txt
C:\Documents and Settings\user\Cookies\user@doubleclick[1].txt
C:\Documents and Settings\user\Cookies\user@www.stopzilla[2].txt
C:\Documents and Settings\user\Cookies\user@msnportal.112.2o7[1].txt
C:\Documents and Settings\user\Cookies\user@specificclick[1].txt
C:\Documents and Settings\user\Cookies\user@sexlist[1].txt
C:\Documents and Settings\user\Cookies\user@advertising[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@3.adbrite[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@ads.aol.co[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@ads.vs[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@adultadworld[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@adultcheck[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@adultspyeyes[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@amateur-porn-links[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@best-free-xxx[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@bestmanage3[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@carasexe[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@counter.cnw[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@crazyhomesex[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@cz6.clickzs[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@.topamateurforum[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@gostats[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@heaven.pornwebring[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@homemadeporn[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@imabanner[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@image.masterstats[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@m1.webstats.motigo[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@mywebsearch[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@porndomain.sexgroomhost[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@stats3.porntrack[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@stats[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@toplist[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@toplist[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@toplist[3].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@toplist[5].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@tops.selectedsex[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@vip2.clickzs[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.allpornpictures[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.counter[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.freestats[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.hairytop[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.homemadeporn[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.sexecam[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.sito-porno[2].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.theporntoplist[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.top-celebrity-sex[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@www.xtoplist[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@xiti[1].txt
C:\WINDOWS\system32\config\systemprofile\Cookies\system@yadro[2].txt

Adware.180solutions/Seekmo
C:\SYSTEM VOLUME INFORMATION\_RESTORE{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP370\A0223510.DLL

Trojan.Net-MSV/VPS-H
C:\SYSTEM VOLUME INFORMATION\_RESTORE{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227473.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP377\A0273478.DLL

Trojan.Smitfraud Variant-Gen/BR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP374\A0227474.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP376\A0265434.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP377\A0273477.DLL

Trojan.Unclassifed/K-Series
C:\SYSTEM VOLUME INFORMATION\_RESTORE{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP421\A0298830.EXE
i am still unable to start in safe mode
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 15th, 2008, 8:08 am

hello jemma_79

did you make this zip folder
C:\Documents and Settings\All Users\Documents.zip
if you did is there any thing important inside that you would like to keep
let me know in your next post


:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

Code: Select all
File:: 
C:\Program Files\MSN Messenger\msimg32.dll 	
C:\Documents and Settings\All Users\Documents\Documents\My Music\AOL 9.0a\update.exe 	
C:\Documents and Settings\user\Application Data\tmp3.tmp 	
C:\WINDOWS\djb.exe 	
C:\WINDOWS\fseob.exe 	
C:\WINDOWS\md.exe 	
C:\WINDOWS\qdtkq.exe 
C:\WINDOWS\system32\ahroxun-edat(10).exe 	
C:\WINDOWS\system32\ahroxun-edat(100).exe 	
C:\WINDOWS\system32\ahroxun-edat(101).exe 	
C:\WINDOWS\system32\ahroxun-edat(102).exe 	
C:\WINDOWS\system32\ahroxun-edat(103).exe 	
C:\WINDOWS\system32\ahroxun-edat(104).exe 	
C:\WINDOWS\system32\ahroxun-edat(105).exe 	
C:\WINDOWS\system32\ahroxun-edat(106).exe 	
C:\WINDOWS\system32\ahroxun-edat(107).exe 	
C:\WINDOWS\system32\ahroxun-edat(108).exe 	
C:\WINDOWS\system32\ahroxun-edat(109).exe 	
C:\WINDOWS\system32\ahroxun-edat(11).exe 	
C:\WINDOWS\system32\ahroxun-edat(110).exe 	
C:\WINDOWS\system32\ahroxun-edat(111).exe 	
C:\WINDOWS\system32\ahroxun-edat(112).exe 	
C:\WINDOWS\system32\ahroxun-edat(113).exe 	
C:\WINDOWS\system32\ahroxun-edat(114).exe 	
C:\WINDOWS\system32\ahroxun-edat(115).exe 	
C:\WINDOWS\system32\ahroxun-edat(116).exe 	
C:\WINDOWS\system32\ahroxun-edat(117).exe 	
C:\WINDOWS\system32\ahroxun-edat(118).exe 	
C:\WINDOWS\system32\ahroxun-edat(119).exe 	
C:\WINDOWS\system32\ahroxun-edat(12).exe 	
C:\WINDOWS\system32\ahroxun-edat(120).exe 	
C:\WINDOWS\system32\ahroxun-edat(121).exe 	
C:\WINDOWS\system32\ahroxun-edat(122).exe 	
C:\WINDOWS\system32\ahroxun-edat(123).exe 	
C:\WINDOWS\system32\ahroxun-edat(124).exe 	
C:\WINDOWS\system32\ahroxun-edat(125).exe 	
C:\WINDOWS\system32\ahroxun-edat(126).exe 	
C:\WINDOWS\system32\ahroxun-edat(127).exe 	
C:\WINDOWS\system32\ahroxun-edat(128).exe 	
C:\WINDOWS\system32\ahroxun-edat(129).exe 	
C:\WINDOWS\system32\ahroxun-edat(13).exe 	
C:\WINDOWS\system32\ahroxun-edat(130).exe 	
C:\WINDOWS\system32\ahroxun-edat(131).exe 	
C:\WINDOWS\system32\ahroxun-edat(132).exe 	
C:\WINDOWS\system32\ahroxun-edat(133).exe 	
C:\WINDOWS\system32\ahroxun-edat(134).exe 	
C:\WINDOWS\system32\ahroxun-edat(135).exe 	
C:\WINDOWS\system32\ahroxun-edat(136).exe 	
C:\WINDOWS\system32\ahroxun-edat(137).exe 	
C:\WINDOWS\system32\ahroxun-edat(138).exe 	
C:\WINDOWS\system32\ahroxun-edat(139).exe 	
C:\WINDOWS\system32\ahroxun-edat(14).exe 	
C:\WINDOWS\system32\ahroxun-edat(140).exe 	
C:\WINDOWS\system32\ahroxun-edat(141).exe 	
C:\WINDOWS\system32\ahroxun-edat(142).exe 	
C:\WINDOWS\system32\ahroxun-edat(143).exe 	
C:\WINDOWS\system32\ahroxun-edat(144).exe 	
C:\WINDOWS\system32\ahroxun-edat(145).exe 	
C:\WINDOWS\system32\ahroxun-edat(146).exe 	
C:\WINDOWS\system32\ahroxun-edat(147).exe 	
C:\WINDOWS\system32\ahroxun-edat(148).exe 	
C:\WINDOWS\system32\ahroxun-edat(149).exe 	
C:\WINDOWS\system32\ahroxun-edat(15).exe 	
C:\WINDOWS\system32\ahroxun-edat(150).exe 	
C:\WINDOWS\system32\ahroxun-edat(151).exe 	
C:\WINDOWS\system32\ahroxun-edat(152).exe 	
C:\WINDOWS\system32\ahroxun-edat(153).exe 	
C:\WINDOWS\system32\ahroxun-edat(154).exe 	
C:\WINDOWS\system32\ahroxun-edat(155).exe 	
C:\WINDOWS\system32\ahroxun-edat(156).exe 	
C:\WINDOWS\system32\ahroxun-edat(157).exe 	
C:\WINDOWS\system32\ahroxun-edat(158).exe 	
C:\WINDOWS\system32\ahroxun-edat(159).exe 	
C:\WINDOWS\system32\ahroxun-edat(16).exe 	
C:\WINDOWS\system32\ahroxun-edat(160).exe 	
C:\WINDOWS\system32\ahroxun-edat(161).exe 	
C:\WINDOWS\system32\ahroxun-edat(162).exe 	
C:\WINDOWS\system32\ahroxun-edat(163).exe 	
C:\WINDOWS\system32\ahroxun-edat(164).exe 	
C:\WINDOWS\system32\ahroxun-edat(165).exe 	
C:\WINDOWS\system32\ahroxun-edat(166).exe 	
C:\WINDOWS\system32\ahroxun-edat(167).exe 	
C:\WINDOWS\system32\ahroxun-edat(168).exe 	
C:\WINDOWS\system32\ahroxun-edat(169).exe 	
C:\WINDOWS\system32\ahroxun-edat(17).exe 	
C:\WINDOWS\system32\ahroxun-edat(170).exe 	
C:\WINDOWS\system32\ahroxun-edat(171).exe 	
C:\WINDOWS\system32\ahroxun-edat(172).exe 	
C:\WINDOWS\system32\ahroxun-edat(173).exe 	
C:\WINDOWS\system32\ahroxun-edat(174).exe 	
C:\WINDOWS\system32\ahroxun-edat(175).exe 	
C:\WINDOWS\system32\ahroxun-edat(176).exe 	
C:\WINDOWS\system32\ahroxun-edat(177).exe 	
C:\WINDOWS\system32\ahroxun-edat(178).exe 	
C:\WINDOWS\system32\ahroxun-edat(179).exe 	
C:\WINDOWS\system32\ahroxun-edat(18).exe 	
C:\WINDOWS\system32\ahroxun-edat(180).exe 	
C:\WINDOWS\system32\ahroxun-edat(181).exe 	
C:\WINDOWS\system32\ahroxun-edat(182).exe 	
C:\WINDOWS\system32\ahroxun-edat(183).exe 	
C:\WINDOWS\system32\ahroxun-edat(184).exe 	
C:\WINDOWS\system32\ahroxun-edat(185).exe 	
C:\WINDOWS\system32\ahroxun-edat(186).exe 	
C:\WINDOWS\system32\ahroxun-edat(187).exe 	
C:\WINDOWS\system32\ahroxun-edat(188).exe 	
C:\WINDOWS\system32\ahroxun-edat(189).exe 	
C:\WINDOWS\system32\ahroxun-edat(19).exe 	
C:\WINDOWS\system32\ahroxun-edat(190).exe 	
C:\WINDOWS\system32\ahroxun-edat(191).exe 	
C:\WINDOWS\system32\ahroxun-edat(192).exe 	
C:\WINDOWS\system32\ahroxun-edat(193).exe 	
C:\WINDOWS\system32\ahroxun-edat(194).exe 	
C:\WINDOWS\system32\ahroxun-edat(195).exe 	
C:\WINDOWS\system32\ahroxun-edat(196).exe 	
C:\WINDOWS\system32\ahroxun-edat(197).exe 	
C:\WINDOWS\system32\ahroxun-edat(198).exe 	
C:\WINDOWS\system32\ahroxun-edat(199).exe 	
C:\WINDOWS\system32\ahroxun-edat(2).exe 	
C:\WINDOWS\system32\ahroxun-edat(20).exe 	
C:\WINDOWS\system32\ahroxun-edat(200).exe 	
C:\WINDOWS\system32\ahroxun-edat(201).exe 	
C:\WINDOWS\system32\ahroxun-edat(202).exe 	
C:\WINDOWS\system32\ahroxun-edat(203).exe 	
C:\WINDOWS\system32\ahroxun-edat(204).exe 	
C:\WINDOWS\system32\ahroxun-edat(205).exe 	
C:\WINDOWS\system32\ahroxun-edat(206).exe 	
C:\WINDOWS\system32\ahroxun-edat(207).exe 	
C:\WINDOWS\system32\ahroxun-edat(208).exe 	
C:\WINDOWS\system32\ahroxun-edat(209).exe 	
C:\WINDOWS\system32\ahroxun-edat(21).exe 	
C:\WINDOWS\system32\ahroxun-edat(210).exe 	
C:\WINDOWS\system32\ahroxun-edat(211).exe 	
C:\WINDOWS\system32\ahroxun-edat(212).exe 	
C:\WINDOWS\system32\ahroxun-edat(213).exe 	
C:\WINDOWS\system32\ahroxun-edat(214).exe 	
C:\WINDOWS\system32\ahroxun-edat(215).exe 	
C:\WINDOWS\system32\ahroxun-edat(216).exe 	
C:\WINDOWS\system32\ahroxun-edat(217).exe 	
C:\WINDOWS\system32\ahroxun-edat(218).exe 	
C:\WINDOWS\system32\ahroxun-edat(219).exe 	
C:\WINDOWS\system32\ahroxun-edat(22).exe 	
C:\WINDOWS\system32\ahroxun-edat(220).exe 	
C:\WINDOWS\system32\ahroxun-edat(221).exe 	
C:\WINDOWS\system32\ahroxun-edat(222).exe 	
C:\WINDOWS\system32\ahroxun-edat(223).exe 	
C:\WINDOWS\system32\ahroxun-edat(224).exe 	
C:\WINDOWS\system32\ahroxun-edat(225).exe 	
C:\WINDOWS\system32\ahroxun-edat(226).exe 	
C:\WINDOWS\system32\ahroxun-edat(227).exe 	
C:\WINDOWS\system32\ahroxun-edat(228).exe 	
C:\WINDOWS\system32\ahroxun-edat(229).exe 	
C:\WINDOWS\system32\ahroxun-edat(23).exe 	
C:\WINDOWS\system32\ahroxun-edat(230).exe 	
C:\WINDOWS\system32\ahroxun-edat(231).exe 	
C:\WINDOWS\system32\ahroxun-edat(232).exe 	
C:\WINDOWS\system32\ahroxun-edat(233).exe 	
C:\WINDOWS\system32\ahroxun-edat(24).exe 	
C:\WINDOWS\system32\ahroxun-edat(25).exe 	
C:\WINDOWS\system32\ahroxun-edat(26).exe 	
C:\WINDOWS\system32\ahroxun-edat(27).exe 	
C:\WINDOWS\system32\ahroxun-edat(28).exe 	
C:\WINDOWS\system32\ahroxun-edat(29).exe 	
C:\WINDOWS\system32\ahroxun-edat(3).exe 	
C:\WINDOWS\system32\ahroxun-edat(30).exe 	
C:\WINDOWS\system32\ahroxun-edat(31).exe 	
C:\WINDOWS\system32\ahroxun-edat(32).exe 	
C:\WINDOWS\system32\ahroxun-edat(33).exe 	
C:\WINDOWS\system32\ahroxun-edat(34).exe 	
C:\WINDOWS\system32\ahroxun-edat(35).exe 	
C:\WINDOWS\system32\ahroxun-edat(36).exe 	
C:\WINDOWS\system32\ahroxun-edat(37).exe 	
C:\WINDOWS\system32\ahroxun-edat(38).exe 	
C:\WINDOWS\system32\ahroxun-edat(39).exe 	
C:\WINDOWS\system32\ahroxun-edat(4).exe 	
C:\WINDOWS\system32\ahroxun-edat(40).exe 	
C:\WINDOWS\system32\ahroxun-edat(41).exe 	
C:\WINDOWS\system32\ahroxun-edat(42).exe 	
C:\WINDOWS\system32\ahroxun-edat(43).exe 	
C:\WINDOWS\system32\ahroxun-edat(44).exe 	
C:\WINDOWS\system32\ahroxun-edat(45).exe 	
C:\WINDOWS\system32\ahroxun-edat(46).exe 	
C:\WINDOWS\system32\ahroxun-edat(47).exe 	
C:\WINDOWS\system32\ahroxun-edat(48).exe 	
C:\WINDOWS\system32\ahroxun-edat(49).exe 	
C:\WINDOWS\system32\ahroxun-edat(5).exe 	
C:\WINDOWS\system32\ahroxun-edat(50).exe 	
C:\WINDOWS\system32\ahroxun-edat(51).exe 	
C:\WINDOWS\system32\ahroxun-edat(52).exe 	
C:\WINDOWS\system32\ahroxun-edat(53).exe 	
C:\WINDOWS\system32\ahroxun-edat(54).exe 	
C:\WINDOWS\system32\ahroxun-edat(55).exe 	
C:\WINDOWS\system32\ahroxun-edat(56).exe 	
C:\WINDOWS\system32\ahroxun-edat(57).exe 	
C:\WINDOWS\system32\ahroxun-edat(58).exe 	
C:\WINDOWS\system32\ahroxun-edat(59).exe 	
C:\WINDOWS\system32\ahroxun-edat(6).exe 	
C:\WINDOWS\system32\ahroxun-edat(60).exe 	
C:\WINDOWS\system32\ahroxun-edat(61).exe 	
C:\WINDOWS\system32\ahroxun-edat(62).exe 	
C:\WINDOWS\system32\ahroxun-edat(63).exe 	
C:\WINDOWS\system32\ahroxun-edat(64).exe 	
C:\WINDOWS\system32\ahroxun-edat(65).exe 	
C:\WINDOWS\system32\ahroxun-edat(66).exe 	
C:\WINDOWS\system32\ahroxun-edat(67).exe 	
C:\WINDOWS\system32\ahroxun-edat(68).exe 	
C:\WINDOWS\system32\ahroxun-edat(69).exe 	
C:\WINDOWS\system32\ahroxun-edat(7).exe 	
C:\WINDOWS\system32\ahroxun-edat(70).exe 	
C:\WINDOWS\system32\ahroxun-edat(71).exe 	
C:\WINDOWS\system32\ahroxun-edat(72).exe 	
C:\WINDOWS\system32\ahroxun-edat(73).exe 	
C:\WINDOWS\system32\ahroxun-edat(74).exe 	
C:\WINDOWS\system32\ahroxun-edat(75).exe 	
C:\WINDOWS\system32\ahroxun-edat(76).exe 	
C:\WINDOWS\system32\ahroxun-edat(77).exe 	
C:\WINDOWS\system32\ahroxun-edat(78).exe 	
C:\WINDOWS\system32\ahroxun-edat(79).exe 	
C:\WINDOWS\system32\ahroxun-edat(8).exe 	
C:\WINDOWS\system32\ahroxun-edat(80).exe 	
C:\WINDOWS\system32\ahroxun-edat(81).exe 	
C:\WINDOWS\system32\ahroxun-edat(82).exe 	
C:\WINDOWS\system32\ahroxun-edat(83).exe 	
C:\WINDOWS\system32\ahroxun-edat(84).exe 	
C:\WINDOWS\system32\ahroxun-edat(85).exe 	
C:\WINDOWS\system32\ahroxun-edat(86).exe 	
C:\WINDOWS\system32\ahroxun-edat(87).exe 	
C:\WINDOWS\system32\ahroxun-edat(88).exe 	
C:\WINDOWS\system32\ahroxun-edat(89).exe 	
C:\WINDOWS\system32\ahroxun-edat(9).exe 	
C:\WINDOWS\system32\ahroxun-edat(90).exe 	
C:\WINDOWS\system32\ahroxun-edat(91).exe 	
C:\WINDOWS\system32\ahroxun-edat(92).exe 	
C:\WINDOWS\system32\ahroxun-edat(93).exe 	
C:\WINDOWS\system32\ahroxun-edat(94).exe 	
C:\WINDOWS\system32\ahroxun-edat(95).exe 	
C:\WINDOWS\system32\ahroxun-edat(96).exe 	
C:\WINDOWS\system32\ahroxun-edat(97).exe 	
C:\WINDOWS\system32\ahroxun-edat(98).exe 	
C:\WINDOWS\system32\ahroxun-edat(99).exe 	
C:\WINDOWS\yq.exe 	
 


Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall



do you know how to empty the Quarantine folder in Trend Micro ?


send me the log from combofix


gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 405 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware