Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

java script error in yahoo, re routing of pages [RESOLVED]

Started by seojyma , Mar 25 2006 12:43 AM

This topic is locked

#1
seojyma

Posted 25 March 2006 - 12:43 AM

Member

Member
10 posts

Hi - when I log on to my yahoo e-mail a box flashes quickly with a note saying your browser page is keeping you from seeing this page, to fix click here. If you click nothing happens. Then my mail says I do not have java script enabled (which I do) and asks if I want to revert to an older version. In addition the date and time on the home page disappears. Pop ups have started and regular/safe sites I had visited before was saying I didn't have flash player (which I did) and said click here to download it. When I clicked nothing would happen but a pop up would appear. Any help would be greatly appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 10:35:35 PM, on 3/24/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\QUICKENW\QAGENT.EXE
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Amy\foobar.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Network\ipnetwork.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe
C:\WINDOWS\s?mbols\n?pdb.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\12Ghosts\12popup.exe
C:\Program Files\12Ghosts\12wash.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\wuauclt.exe
C:\DOCUME~1\Amy\LOCALS~1\Temp\!update.exe
C:\WINDOWS\System32\MCROSO~1.NET\wowexec.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Yahoo!\browser\YBrowser.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://rd.yahoo.com/...hoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft....ink/?LinkId=374
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: SuperAdBlockerBHO Class - {00000000-6C30-11D8-9363-000AE6309654} - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABBHO.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: 12-Popup - {00000000-0008-5041-4354-0020e48020af} - C:\Program Files\12Ghosts\12popup.dll
O3 - Toolbar: (no name) - {12EE7A5E-0674-42f9-A76B-000000004D00} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\sabtb.dll
O3 - Toolbar: (no name) - {11359F4A-B191-42D7-905A-594F8CF0387B} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [QAGENT] C:\Program Files\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [filit] C:\Documents and Settings\Amy\foobar.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IpNetwork] C:\Program Files\Network\ipnetwork.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [SuperAdBlocker] C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe
O4 - HKCU\..\Run: [Lyjkme] C:\WINDOWS\s?mbols\n?pdb.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: 12Ghosts Popup-Killer.lnk = C:\Program Files\12Ghosts\12popup.exe
O4 - Startup: 12Ghosts Wash.lnk = C:\Program Files\12Ghosts\12wash.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D2D3965-0447-4080-B8F4-A9EDF5A1D4B2}: NameServer = 68.94.156.1 206.13.30.12
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE

#2
Buckeye_Sam

Posted 25 March 2006 - 08:18 AM

Malware Expert

Member
10,019 posts

Hi and welcome to GeeksToGo! My name is Sam and I will be helping you. :whistling:

Please download Ewido Security Suite it is a trial version of the program.

Install ewido security suite
When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido, there should be an icon on your desktop double-click it.
The program will now go to the main screen

You will need to update ewido to the latest definition files.

On the left hand side of the main screen click update
Then click on Start Update

The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update ewido.
http://www.ewido.net...wnload/updates/

Once the updates are installed do the following:

Click on scanner
Click on Complete System Scan and the scan will begin.
While the scan is in progress you will be prompted to clean files, click OK
When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop.

Now close ewido security suite.

Reboot your computer and post a new hijackthis log and the log from Ewido.

#3
seojyma

Posted 25 March 2006 - 09:53 AM

Member

Topic Starter
Member
10 posts

Thanks so much. Here you go:

ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:51:55 PM, 3/24/2006
+ Report-Checksum: E94D4977

+ Scan result:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate -> Adware.BrowserAid : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate\Active -> Adware.BrowserAid : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate\Installed -> Adware.BrowserAid : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bsto-1 -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\skin -> Adware.Delfin : Cleaned with backup
HKU\.DEFAULT\Software\toolbar -> Adware.WebSearch : Cleaned with backup
HKU\S-1-5-21-580599830-2890411790-1508207852-1007\Software\DNS -> Adware.Shorty : Cleaned with backup
HKU\S-1-5-21-580599830-2890411790-1508207852-1007\Software\Microsoft\Internet Explorer\MenuExt\Web Savings -> Adware.MoneyMaker : Cleaned with backup
HKU\S-1-5-18\Software\toolbar -> Adware.WebSearch : Cleaned with backup
[264] C:\WINDOWS\sуmbols\nоpdb.exe -> Adware.PurityScan : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Amy\Local Settings\Temp\!update.exe -> Downloader.PurityScan.bw : Cleaned with backup
C:\Documents and Settings\Amy\Local Settings\Temporary Internet Files\Content.IE5\G5W7CN8J\!update-3595[1].0000 -> Downloader.PurityScan.bw : Cleaned with backup
C:\Documents and Settings\Amy\mc-110-12-0000080.exe -> Adware.Maxifiles : Cleaned with backup
C:\Documents and Settings\Amy\__delete_on_reboot__foobar.exe -> Proxy.Agent.gt : Cleaned with backup
C:\foobar.exe -> Proxy.Agent.gt : Cleaned with backup
C:\Program Files\Common Files\Download\freeprodtb.exe -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\Common Files\ffkr\ffkra.exe -> Downloader.TSUpdate.l : Cleaned with backup
C:\Program Files\Common Files\ffkr\ffkrl.exe -> Downloader.TSUpdate.p : Cleaned with backup
C:\Program Files\Common Files\ffkr\ffkrp.exe -> Downloader.TSUpdate.f : Cleaned with backup
C:\Program Files\Network\__delete_on_reboot__ipnetwork.exe -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{0040B8FD-5BF1-423A-A2A1-C60AE287A67E} -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{0340FE59-CD27-4AA0-96D3-B54C5141693D} -> Adware.BargainBuddy : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{07C76B20-AA82-4519-AAB3-FC3EF4D9CFDD} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{141B13A5-E006-4CC0-9771-723EA7A00C7E} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{1596C5AE-A917-4086-99C4-90CCF5A3A481} -> Adware.Wintol : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{16FBE339-1C5B-4E51-AA34-5D0EC890B264} -> Trojan.EliteBar.f : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{203BAE25-C95A-40C8-B475-DE06935DC0DD} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{205DEFE1-EB9C-45F3-A6E7-1416B544059E} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{212DA903-9AA7-450C-A2E7-203366A87065} -> Adware.Wintol : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{21F4BF82-BDB7-4568-A60A-9D4CFBF0CCF2} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{21F9B053-48FE-4F2C-B8CA-52FDD53290FF} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{234BAF22-8F55-4C75-80C6-8427FE53338A} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{23C01F9D-3A38-4E1E-8D30-EB3744FA410E} -> Backdoor.Agobot : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{241C2D47-DA6C-4D33-A451-5BD6676DC421} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{2D906A12-0A2E-4B87-B6C6-2F3415B0C1B7} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{2D952DE6-D151-4533-A1AF-FD355F1EF8D1} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{34F922A9-FB12-4F46-80F6-7D1F25ED2707} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{3CDD0AAD-83F7-484C-9CEC-3EA6A454C9BA} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{3E45B5DE-E868-4257-8B8D-197AC28605B6} -> Downloader.Dyfuca : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{463F6487-62D8-47CE-8A0B-43E05A36411B} -> Adware.MediaMotor : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{4A8884FB-0C44-44BC-AE19-0303A1BBD58B} -> Adware.PurityScan : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{4A9C67AC-5950-40B4-B1FF-D7885FE3B7D7} -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{4B37272E-C977-4BAB-A929-1050E3976970} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{4B394734-556E-44E8-88EA-D704949D546F} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{4C7E7A76-99CF-4DC0-8CFF-C3CB7C669996} -> Adware.Wintol : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{4C9C7C32-8C99-4D48-9F85-3739CB5396AE} -> Logger.VB.eh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{52B22768-C89D-43DB-B651-53234BF4290B} -> Downloader.Agent.ae : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{549537E0-B70E-4C4C-993D-E6256E25DDF2} -> Adware.DelphinMediaViewer : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{57156550-A653-43C0-A0A8-0440BCFF1E95} -> Hijacker.VB.ei : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{5C7EE44E-FA1F-4D73-9C6F-DEEE830C6092} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{5DE1AD5B-12C7-4109-9B9C-E2BC0923D00B} -> Backdoor.Aimbot.ap : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{61C8067A-3687-440B-8A66-A48254FF7A45} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{6578B5F7-9664-4030-A8FD-131AD22B1715} -> Adware.BargainBuddy : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{66358312-CB8A-4CA1-B95C-7CC89945B34E} -> Adware.BargainBuddy : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{6F7DE745-D9EF-4252-BC3B-B1F64207FE5F} -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{6FCA1CD3-9653-431B-8C0F-BE2513F23616} -> Hijacker.Agent.dh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{7118445A-6543-4847-8DC3-5E81A96BF44E} -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{8196C3A6-68C9-40A0-8A78-6259A38D6484} -> Logger.VB.eh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{82BF4DFF-0883-403D-B48B-A72408F11103} -> Adware.180Solutions : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{83ACD017-DBFF-4161-AE98-882DB4F4DBB4} -> Downloader.Dyfuca.ds : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{858CCA34-56E2-400E-B65B-32FBF612B992} -> Downloader.Braidupdate.d : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{8C28DDF6-C03C-45EC-89CF-29EE140A20A8} -> Logger.VB.eh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{91FB3BFD-06B8-4798-A3A3-56CCCAD2370E} -> Logger.VB.eh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{94CDA90D-6D35-4DEB-985E-38EF78D3354E} -> Trojan.Agent.km : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{9642381C-F89E-4401-A993-ED106759D3C1} -> Adware.BargainBuddy : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{9DD2874E-46A7-4F83-8DFB-53C5856ECA31} -> Backdoor.Rbot.agq : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{A066FF20-3D11-4BC5-9EBB-B6FD12901CAF} -> Downloader.Agent.gg : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{A460B030-31E2-4031-950A-6AF32A9FC58D} -> Downloader.Agent.ae : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{A941EC88-7966-41C4-96BF-419687437D68} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{A9CCB2A2-8B12-4F61-93A6-18138E1E3FE7} -> Downloader.Intexp.d : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{AD6764A1-31AA-4836-B9D3-B06963265793} -> Adware.PurityScan : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{ADB46FE6-312E-4F3A-B24E-A918A92C65CC} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{AFDBA704-CEE9-455C-B3D5-0F7EB9BE3153} -> Logger.VB.eh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{B083F092-4AE9-4205-9996-E2F538BDBB17} -> Adware.EZula : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{B482396C-582B-4E20-B738-4F395FFF5CA4} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{B6651F18-42A1-4D58-8E5B-4ECFA4708DF1} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{BB1C2590-12FF-4C9A-99D7-F39D039E9992} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{C16712E4-727F-4448-801F-07166FF71A9B} -> Adware.Wintol : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{CB2E1584-2724-4D99-836B-49D2548E7EE4} -> Hijacker.VB.ei : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{CEAD8E62-3A1B-4363-9C1C-6D6E269D03E1} -> Adware.E2Give : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{D57823D9-5613-4EA3-B844-DC2A77FCF4B1} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{D8B47D03-64A5-43AA-9FF8-E6AFFF195F61} -> Adware.Wintol : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{DABEAEDD-174A-4980-A0A3-9183134BE364} -> Logger.VB.eh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{DF472B1B-83CA-4213-9762-A2B10564C1F0} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{E05EE7ED-7945-4A24-9830-CE993C81E4DB} -> Logger.VB.eh : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{E1C01DC3-4BCA-42E0-9610-9D04C8589967} -> Adware.AdSquash : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{ECAF939F-EB69-48CA-B8E3-5C124DA01839} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{F2D24C77-71F2-46AE-A961-423BB0BE71E5} -> Adware.PurityScan : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{F4071CBA-5DF7-43F8-B940-79D1BE6507BA} -> Trojan.EliteBar.f : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{F4C85CAF-0611-4AD5-BA51-BC64B05D4DA1} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{F86E0CEC-2002-41ED-9CD1-A7F643D4D9F1} -> Trojan.Agent.cp : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{FDB6BB6A-8914-4371-B77B-13538ABC23C6} -> Adware.WebSearch : Cleaned with backup
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\Quarantine\Quarantine - 10-21-2005 - 10-47-34.SBU/{FEB5B500-909E-47A9-84DC-663D3AF7D7A2} -> Adware.ImiBar : Cleaned with backup
C:\Program Files\Yazzle Sudoku\Sudoku.exe -> Dropper.VB.kk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP919\A0062072.exe -> Trojan.EliteBar.f : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP919\A0062073.exe -> Trojan.EliteBar.f : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP922\A0062205.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP924\A0062213.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP924\A0062214.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP924\A0062215.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP924\A0062216.dll -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP924\A0062227.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP924\snapshot\MFEX-1.DAT -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062252.srg -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062255.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062260.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062262.exe -> Downloader.TSUpdate.n : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062263.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062275.dll -> Trojan.Agent.db : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062277.exe -> Trojan.EliteBar.f : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062278.vxd -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062279.srg -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062281.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062282.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062283.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062284.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062285.dll -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062286.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062287.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062288.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062293.dll -> Adware.WebSearch : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062361.dll -> Adware.BiSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062362.dll -> Adware.BiSpy : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062363.exe -> Adware.MediaMotor : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062366.dll -> Downloader.Braidupdate.d : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062368.dll -> Adware.DelphinMediaViewer : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\A0062369.ocx -> Adware.DelphinMediaViewer : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP925\snapshot\MFEX-1.DAT -> Adware.BargainBuddy : Cleaned with backup
C:\WINDOWS\2_0_1browserhelper2.dll_tobedeleted -> Hijacker.Delf.r : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\bridge.dll -> Logger.Briss.g : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\jao.dll -> Logger.Briss.g : Cleaned with backup
C:\WINDOWS\dsr.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\WINDOWS\e2g25.exe -> Downloader.Small.adu : Cleaned with backup
C:\WINDOWS\mm21.ocx -> Downloader.VB.ez : Cleaned with backup
C:\WINDOWS\sskb5.exe -> Dropper.SurfSide.a : Cleaned with backup
C:\WINDOWS\systb.exe/systb.dll -> Adware.ImiBar : Cleaned with backup
C:\WINDOWS\SYSTEM32\adpon3.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\adsocu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\atrhsv.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\batses.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\bidtse.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\blasse.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\booncu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\bxm_32.dll -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\bxm_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\cabetc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\cabsra.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\cddn32.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\cew43d.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\cliclt.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\climap.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\comi-s.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\comndi.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\compcs.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\comset.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\comspa.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\comtsc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\comuse.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\conake.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\concpl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[3].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[4].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6JYLAZOX\bot[1].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6JYLAZOX\bot[2].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6JYLAZOX\bot[3].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[4].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\WksPatch[1].exe -> Worm.Welchia.b : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OT2JQP0H\bot[1].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OT2JQP0H\bot[3].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OT2JQP0H\bot[4].exe -> Backdoor.Agobot : Cleaned with backup
C:\WINDOWS\SYSTEM32\cregni.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\crtsdx.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\cryvcr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\csrc40.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\csrir3.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ctltim.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\d0clmd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\datbdy.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\datdbl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\datrmo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dhcpcf.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dhcsra.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dhctse.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\disard.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\disfil.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dmilba.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dmm_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\dmudms.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\doccho.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dpnimg.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dpvkle.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\DRIVERS\svchost.exe -> Worm.Welchia.b : Cleaned with backup
C:\WINDOWS\SYSTEM32\DrPMon.dll_tobedeleted -> Trojan.Agent.db : Cleaned with backup
C:\WINDOWS\SYSTEM32\dsapsv.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dssrac.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\dxdbjm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\efx_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\extmsa.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\fashtm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\fclffi.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ff0lwo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\fftiml.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\hcccsu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\hoscpm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\hotthe.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\htikrn.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\hypfil.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\hypmcl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ialanm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ialnpc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ialrfm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\iasetr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\icapmo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ieamsn.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ierrat.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\iexvmg.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igfdjp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igfet5.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igfidn.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igflsa.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igfrac.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igfrdb.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igfxwa.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igmjin.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\igmlwi.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\inents.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\inesse.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\inetpl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\inevid.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipcgho.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipptex.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipsrpu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipxfxr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipxink.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\isiasp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\jgsuro.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbd2he.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdard.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdfpx.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdfrc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdkrs.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdmsd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdno.exe -> Downloader.Agent.am : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdshr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdtlo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kbdwde.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\kpgshu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ksuann.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfa32g.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfbmoc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfclhs.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfdbcb.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfdcut.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfdfxc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lffwph.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfirob.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lflsd4.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfspmc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lftdyc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lfxhwr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lmr_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\locdl3.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\lprdmp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltaexl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltbfox.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltbxml.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltcghe.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltddax.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltdnro.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltdpee.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltewrp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltfdis.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltlmod.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltwetc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltwpds.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\maprdo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mcdscr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcbxm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mimcli.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mmsdx5.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mmuake.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mobtui.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mod_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\mouink.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mouows.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mourof.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mouxma.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mplass.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mrtnmo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mrtser.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msassm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mscdib.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mscsna.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msevbv.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msgdne.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mshent.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msicmp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msiins.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msiock.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msjani.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msjima.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mslofm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mspcsu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mspdsa.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mspica.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msrfxd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msrpbd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mssfrd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mssuni.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msusra.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msvmdi.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msvtex.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msvtiv.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msvxfx.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\mswdlt.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msxbas.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msxtma.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\msxtmo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\netfut.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntkrdp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntvaus.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\nwpdsr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\nwphtm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\nwpsau.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\occmic.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\odbe2n.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\odbisi.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\odbrps.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\odbrsd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\odbssm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\olegut.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\oleogm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\osumar.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\outdus.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\pacecn.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\pcdban.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\penmod.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\perann.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\plunet.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\pndmmp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\pngpri.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\progsh.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\prootv.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\psbflb.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\psntwn.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ptfmst.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\pxhdoc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\pxwtms.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\quafts.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rasans.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rashat.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rasmmt.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rasrcl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rassmo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rdohtm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rdowso.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rdsxin.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\regnad.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\ricxbd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rouxrt.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\rtiows.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\scaimd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\scanms.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\scasdm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\scet50.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\scrrps.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdbame.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdbdhe.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\secfet.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sertev.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\setefx.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\setevt.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sfccat.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sfccka.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sfcl_m.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\shargr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\shdvar.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\shgnca.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\shmica.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\shsdca.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\shsdml.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\slbrdd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\smlsap.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\smlxlm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sndecl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\snmdia.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\sofnon.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\spucdl.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\srcaap.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\srcvsv.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\stclog.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\stcp95.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\stcpcx.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\stcwat.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\stoset.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\synce0.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tasdl3.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tasset.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tcmnmo.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tcpcho.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\terrv4.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tertsp.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tex_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\thebc1.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\trasap.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tscstk.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\tse_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\uninat.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\upne2b.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\urlon3.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\usrd10.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\usrdne.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\usrfxw.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\usrlhs.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\usrnot.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\usrtse.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\utisld.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\uxtlmb.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\vdmwfx.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\vertas.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\vfwrd1.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\vgaeps.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\vgamli.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\w32ari.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\w32w3p.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\w32xpn.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\webdit.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wexuti.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wexwex.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wianso.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wiatfu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\winame.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\WINS\DLLHOST.EXE -> Worm.Welchia.a : Cleaned with backup
C:\WINDOWS\SYSTEM32\wmpmlw.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wmprvd.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wmpxml.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wmpyvc.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wmswmf.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wowmsm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wowrpu.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wpndmm.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wuabet.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wucres.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wzclmr.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\wzcult.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\xpnsen.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\SYSTEM32\xpn_32.exe -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\SYSTEM32\ycrfxe.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\sуmbols\nоpdb.exe -> Adware.PurityScan : Cleaned with backup
C:\WINDOWS\tdtb.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\WINDOWS\temp.bat -> Trojan.Zapchast : Cleaned with backup
C:\WINDOWS\UnstSA2.exe -> Dropper.Delf.z : Cleaned with backup
C:\WINDOWS\xlckrb.exe -> Adware.BetterInternet : Cleaned with backup

::Report End

#4
seojyma

Posted 25 March 2006 - 09:56 AM

Member

Topic Starter
Member
10 posts

Just realized your note said - "When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".

I actually ran this scan last night before I saw your replay and didn't do that part, should I redo a scan or is the report I attached okay?

#5
Buckeye_Sam

Posted 25 March 2006 - 08:49 PM

Malware Expert

Member
10,019 posts

No problem, it's fine. Actually it looks like Ewido did a great job cleaning up malware for you. But we're probably not done yet.

Please post a new hijackthis log.

#6
seojyma

Posted 25 March 2006 - 09:22 PM

Member

Topic Starter
Member
10 posts

Thanks. I am definitely getting fewer pop-ups and a different script error on yahoo but it at least lets me see the normal format occassionally. Here's the updated report.

Logfile of HijackThis v1.99.1
Scan saved at 7:20:20 PM, on 3/25/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\QUICKENW\QAGENT.EXE
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\12Ghosts\12popup.exe
C:\Program Files\12Ghosts\12wash.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Yahoo!\browser\YBrowser.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://rd.yahoo.com/...hoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft....ink/?LinkId=374
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: 12-Popup - {00000000-0008-5041-4354-0020e48020af} - C:\Program Files\12Ghosts\12popup.dll
O3 - Toolbar: (no name) - {12EE7A5E-0674-42f9-A76B-000000004D00} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: (no name) - {11359F4A-B191-42D7-905A-594F8CF0387B} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [QAGENT] C:\Program Files\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [filit] C:\Documents and Settings\Amy\foobar.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IpNetwork] C:\Program Files\Network\ipnetwork.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: 12Ghosts Popup-Killer.lnk = C:\Program Files\12Ghosts\12popup.exe
O4 - Startup: 12Ghosts Wash.lnk = C:\Program Files\12Ghosts\12wash.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D2D3965-0447-4080-B8F4-A9EDF5A1D4B2}: NameServer = 68.94.156.1 206.13.30.12
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe

#7
Buckeye_Sam

Posted 26 March 2006 - 11:50 AM

Malware Expert

Member
10,019 posts

Please follow these steps:

Please make sure that you can View Hidden Files
- Click Start -> My Computer
- Select Tools -> Folder options
- Select the View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled.
- Also make sure that 'Display the contents of system folders' is checked.
- Make sure "Hide extensions for known file types" is unchecked
- Make sure "Hide protected operating system files (recommended)" is unchecked
- For more info on how to show hidden files click here.
Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://rd.yahoo.com/...hoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: (no name) - {12EE7A5E-0674-42f9-A76B-000000004D00} - (no file)
O3 - Toolbar: (no name) - {11359F4A-B191-42D7-905A-594F8CF0387B} - (no file)
O4 - HKLM\..\Run: [filit] C:\Documents and Settings\Amy\foobar.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IpNetwork] C:\Program Files\Network\ipnetwork.exe
Please reboot your computer in SafeMode by doing the following:
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
- Instead of Windows loading as normal, a menu should appear
- Select the first option, to run Windows in Safe Mode.
- If you have trouble getting into Safe mode go here for more info.
Once in Safe mode, delete these files or directories (Do not be concerned if they do not exist):

C:\Documents and Settings\Amy\foobar.exe
C:\Program Files\Network\ipnetwork.exe

Reboot your computer to go back to normal mode.

Please go HERE to run Panda's ActiveScan

Once you are on the Panda site click the Scan your PC button
A new window will open...click the Check Now button
Enter your Country
Enter your State/Province
Enter your e-mail address and click send
Select either Home User or Company
Click the big Scan Now button
If it wants to install an ActiveX component allow it
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on My Computer to start the scan
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report along with a new hijackthis log.

#8
seojyma

Posted 26 March 2006 - 07:15 PM

Member

Topic Starter
Member
10 posts

Thanks again. I did everything through the panda active scan. For some reason I cannot get the scan box to go full screen (no expand button to press, no arrows along border to expand box). I was able to see portions of the buttons to get it as far as the scan itself, but when finished, I saw part of it that said it found malicious.... and that was it, and no place for me to check for a report (I assume it was hidden on a part of the box I couldn't see). Not sure how to proceed but here is my updated Hijack report:

Logfile of HijackThis v1.99.1
Scan saved at 5:12:30 PM, on 3/26/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\QUICKENW\QAGENT.EXE
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\12Ghosts\12popup.exe
C:\Program Files\12Ghosts\12wash.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Yahoo!\browser\YBrowser.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft....ink/?LinkId=374
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
O3 - Toolbar: 12-Popup - {00000000-0008-5041-4354-0020e48020af} - C:\Program Files\12Ghosts\12popup.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [QAGENT] C:\Program Files\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: 12Ghosts Popup-Killer.lnk = C:\Program Files\12Ghosts\12popup.exe
O4 - Startup: 12Ghosts Wash.lnk = C:\Program Files\12Ghosts\12wash.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D2D3965-0447-4080-B8F4-A9EDF5A1D4B2}: NameServer = 68.94.156.1 206.13.30.12
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe

#9
Buckeye_Sam

Posted 27 March 2006 - 04:42 PM

Malware Expert

Member
10,019 posts

Your log looks pretty good, but I'd really like to get a virus scan done in case there are left over files that need to be removed.

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make that the following are selected:
- Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)
- Scan Options:
Scan Archives
Scan Mail Bases
Click OK
Now under select a target to scan:Select My Computer
This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post.

#10
seojyma

Posted 27 March 2006 - 09:29 PM

Member

Topic Starter
Member
10 posts

Hi - as you can probably tell I'm pretty inexperienced in the computer department. I tried to run a scan but nothing happened. It went back to the Scan Settings portion, however it did say "Warning: The Kaspersky On-line Scanner may not run successfully while any other Anti-Virus software is running. If you have Anti-Virus software installed, please disable your AV protection before running the Kaspersky On-line Scanner. "

I do have Spybot, Spyware blaster and Xoftspy on my computer. Only Spyware blaster had an easy to find disable button which I did and tried rescanning but got the same message. Unfortunately I couldn't figure out how to disable the other two. Thanks.

#11
Buckeye_Sam

Posted 28 March 2006 - 01:13 PM

Malware Expert

Member
10,019 posts

Please download Bit Defender 8 Free Edition

Install the program and then follow the prompts to download all available updates.
Perform a full scan on your Local drive.
When the scan is complete save the log and post it back here in your next reply.

===========

Next I want you to run another scan with Ewido. But reboot into Safe mode first.
Run the scan with Ewido and save the log.

===========

Reboot back into normal mode and post the log from BitDefender, Ewido, and a new hijackthis log.

#12
seojyma

Posted 28 March 2006 - 03:35 PM

Member

Topic Starter
Member
10 posts

Hi and thanks for spending so much time with me on this. Here are the 3 reports:

//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 28/03/2006 12:03:14
//
//-----------------------------------------------------------------

Statistics

Scan path : C:\WINDOWS\System32\
Folders : 171
Files : 5741
Archives : 38
Packed files : 237
Identified viruses : 3
Infected files : 8
Warnings : 0
Suspect files : 1
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 9
Renamed files : 0
I/O errors : 10
Scan time : 00:07:00
Scan speed (files/sec) : 13

Virus definitions : 342333
Scan plugins : 13
Archive plugins : 39
Unpack plugins : 4
Mail plugins : 6
System plugins : 1

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report

Summary:

C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[1].exe Infected Win32.Worm.Gaobot.Dam.2
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[1].exe Disinfection failed
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[1].exe Moved
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[2].exe Suspect Generic.Malware.I.38DE66A7
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[2].exe Disinfection failed
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4BSPEZOF\bot[2].exe Moved
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[3].exe Infected Win32.Worm.Gaobot.Dam.2
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[3].exe Disinfection failed
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[3].exe Moved
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[5].exe Infected Win32.Worm.Gaobot.Dam.2
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[5].exe Disinfection failed
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[5].exe Moved
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[6].exe Infected Win32.Worm.Gaobot.Dam.2
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[6].exe Disinfection failed
C:\WINDOWS\System32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9YJK1IJ\bot[6].exe Moved
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20050524-190458.backup Infected Generic.Qhost
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20050524-190458.backup Disinfection failed
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20050524-190458.backup Moved
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20060321-084042.backup Infected Generic.Qhost
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20060321-084042.backup Disinfection failed
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20060321-084042.backup Moved
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20060321-084043.backup Infected Generic.Qhost
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20060321-084043.backup Disinfection failed
C:\WINDOWS\System32\DRIVERS\ETC\hosts.20060321-084043.backup Moved
C:\WINDOWS\System32\plugme.exe Infected Trojan.Downloader.Istbar.NT
C:\WINDOWS\System32\plugme.exe Disinfection failed
C:\WINDOWS\System32\plugme.exe Moved

Scanned files

C:\=>Master Boot Record 80 OK
C:\=>Partition Boot 1 (primary) OK
C:\=>Partition Boot 2 (primary) (active) OK
C:\WINDOWS\System32\$NCSP$.INF OK
C:\WINDOWS\System32\$WINNT$.INF OK
C:\WINDOWS\System32\1033\DWINTL.DLL OK
C:\WINDOWS\System32\12520437.CPX OK
C:\WINDOWS\System32\12520850.CPX OK
C:\WINDOWS\System32\6TO4SVC.DLL OK
C:\WINDOWS\System32\a15.tbl OK
C:\WINDOWS\System32\a234.tbl OK
C:\WINDOWS\System32\a3d.dll OK
C:\WINDOWS\System32\AAAAMON.DLL OK
C:\WINDOWS\System32\ACCESS.CPL OK
C:\WINDOWS\System32\ACCTRES.DLL OK
C:\WINDOWS\System32\accwiz.exe OK
C:\WINDOWS\System32\ACELPDEC.AX OK
C:\WINDOWS\System32\ACLEDIT.DLL OK
C:\WINDOWS\System32\ACLUI.DLL OK
C:\WINDOWS\System32\acode.tbl OK
C:\WINDOWS\System32\ACTIVEDS.DLL OK
C:\WINDOWS\System32\ACTIVEDS.TLB OK
C:\WINDOWS\System32\ActiveScan\ActiveScan\pav.sig OK
C:\WINDOWS\System32\ActiveScan\as.dll OK
C:\WINDOWS\System32\ActiveScan\ascontrol.dll OK
C:\WINDOWS\System32\ActiveScan\asmdat.dll OK
C:\WINDOWS\System32\ActiveScan\certdll.dll OK
C:\WINDOWS\System32\ActiveScan\getrootcert.cer OK
C:\WINDOWS\System32\ActiveScan\instlsp.dll OK
C:\WINDOWS\System32\ActiveScan\memvfile.dll OK
C:\WINDOWS\System32\ActiveScan\msvcr71.dll OK
C:\WINDOWS\System32\ActiveScan\PAV.SIG OK
C:\WINDOWS\System32\ActiveScan\pavaleas.dll OK
C:\WINDOWS\System32\ActiveScan\pavdr.exe OK
C:\WINDOWS\System32\ActiveScan\pavexcom.dll OK
C:\WINDOWS\System32\ActiveScan\pavinas.dll OK
C:\WINDOWS\System32\ActiveScan\pavoe.dll OK
C:\WINDOWS\System32\ActiveScan\pavpz.dll OK
C:\WINDOWS\System32\ActiveScan\pfdnnt.exe OK
C:\WINDOWS\System32\ActiveScan\port32.dll OK
C:\WINDOWS\System32\ActiveScan\pskahk.dll OK
C:\WINDOWS\System32\ActiveScan\pskalloc.dll OK
C:\WINDOWS\System32\ActiveScan\pskas.dll OK
C:\WINDOWS\System32\ActiveScan\pskavs.dll OK
C:\WINDOWS\System32\ActiveScan\pskcmp.dll OK
C:\WINDOWS\System32\ActiveScan\pskfss.dll OK
C:\WINDOWS\System32\ActiveScan\pskhtml.dll OK
C:\WINDOWS\System32\ActiveScan\pskmas.dll OK
C:\WINDOWS\System32\ActiveScan\pskmdfs.dll OK
C:\WINDOWS\System32\ActiveScan\pskpack.dll OK
C:\WINDOWS\System32\ActiveScan\pskscs.dll OK
C:\WINDOWS\System32\ActiveScan\pskutil.dll OK
C:\WINDOWS\System32\ActiveScan\pskvfile.dll OK
C:\WINDOWS\System32\ActiveScan\pskvfs.dll OK
C:\WINDOWS\System32\ActiveScan\pskvm.dll OK
C:\WINDOWS\System32\ActiveScan\psscan.dll OK
C:\WINDOWS\System32\ActiveScan\qrv.krn OK
C:\WINDOWS\System32\ActiveScan\sporder.dll OK
C:\WINDOWS\System32\ActiveScan\tcpvfile.dll OK
C:\WINDOWS\System32\ACTMOVIE.EXE OK
C:\WINDOWS\System32\ACTXPRXY.DLL OK
C:\WINDOWS\System32\ADMPARSE.DLL OK
C:\WINDOWS\System32\Adobe\SVG Viewer\AceLite.dll OK
C:\WINDOWS\System32\Adobe\SVG Viewer\Agm.dll OK
C:\WINDOWS\System32\Adobe\SVG Viewer\Bib.dll OK
C:\WINDOWS\System32\Adobe\SVG Viewer\CoolType.dll OK
C:\WINDOWS\System32\Adobe\SVG Viewer\NPSVGVw.dll OK
C:\WINDOWS\System32\Adobe\SVG Viewer\ReadMe.html OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVG Viewer License.txt OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGAbout.svg OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGControl.dll OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGHelp.html OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGRSRC.DLL OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGView.dll OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.dict OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.dict=>(unicode) OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.ini OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/SVGViewer.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Attr.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/CDATASection.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/CharacterData.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Comment.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Document.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DocumentFragment.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DocumentType.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DOMException.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/DOMImplementation.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Element.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Entity.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/EntityReference.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/NamedNodeMap.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Node.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/NodeList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Notation.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/ProcessingInstruction.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/Text.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/Counter.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSS2Properties.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSCharsetRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSFontFaceRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSImportRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSMediaRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSPageRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSPrimitiveValue.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSRuleList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSStyleDeclaration.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSStyleRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSStyleSheet.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSUnknownRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSValue.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/CSSValueList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/DocumentCSS.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/DOMImplementationCSS.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/ElementCSSInlineStyle.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/Rect.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/RGBColor.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/css/ViewCSS.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/DocumentEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/Event.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/EventException.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/EventListener.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/EventTarget.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/MouseEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/events/UIEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/smil/ElementTimeControl.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/DocumentStyle.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/LinkStyle.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/MediaList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/StyleSheet.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/stylesheets/StyleSheetList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/views/AbstractView.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/views/DocumentView.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/GetSVGDocument.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAltGlyphDefElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAltGlyphElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAltGlyphItemElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAngle.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateColorElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedAngle.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedBoolean.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedEnumeration.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedInteger.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedLength.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedLengthList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedNumber.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedNumberList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedPathData.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedPoints.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedPreserveAspectRatio.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedRect.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedString.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimatedTransformList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateMotionElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimateTransformElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGAnimationElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGCircleElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGClipPathElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGColor.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGColorProfileElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGColorProfileRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGComponentTransferFunctionElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGCSSRule.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGCursorElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDefinitionSrcElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDefsElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDescElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGDocument.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGElementInstance.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGElementInstanceList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGEllipseElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGException.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGExternalResourcesRequired.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEBlendElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEColorMatrixElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEComponentTransferElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFECompositeElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEConvolveMatrixElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEDiffuseLightingElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEDisplacementMapElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEDistantLightElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEFloodElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEFuncAElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEFuncBElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEFuncGElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEFuncRElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEGaussianBlurElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEImageElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEMergeElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEMergeNodeElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEMorphologyElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEOffsetElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFEPointLightElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFESpecularLightingElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFESpotLightElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFETileElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFETurbulenceElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFilterElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFilterPrimitiveStandardAttributes.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFitToViewBox.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFontElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFontFaceElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFontFaceFormatElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFontFaceNameElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFontFaceSrcElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGFontFaceUriElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGForeignObjectElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGGElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGGlyphElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGGlyphRefElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGGradientElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGHKernElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGICCColor.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGImageElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGLangSpace.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGLength.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGLengthList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGLinearGradientElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGLineElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGLocatable.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGMarkerElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGMaskElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGMatrix.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGMetadataElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGMissingGlyphElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGNumber.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGNumberList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPaint.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSeg.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegArcAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegArcRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegClosePath.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoCubicAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoCubicRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoCubicSmoothAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoCubicSmoothRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoQuadraticAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoQuadraticRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoQuadraticSmoothAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegCurvetoQuadraticSmoothRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegLinetoAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegLinetoHorizontalAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegLinetoHorizontalRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegLinetoRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegLinetoVerticalAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegLinetoVerticalRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegMovetoAbs.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPathSegMovetoRel.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPatternElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPoint.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPointList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPolygonElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPolylineElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGPreserveAspectRatio.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGRadialGradientElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGRect.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGRectElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGRenderingIntent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGScriptElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGSetElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGStopElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGStringList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGStylable.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGStyleElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGSVGElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGSwitchElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGSymbolElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTests.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTextContentElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTextElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTextPathElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTextPositioningElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTitleElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTransform.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTransformable.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTransformList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTRefElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGTSpanElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGUnitTypes.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGURIReference.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGUseElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGViewElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGViewSpec.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGVKernElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGZoomAndPan.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>org/w3c/dom/svg/SVGZoomEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JAttr.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JCDATASection.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JCharacterData.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JComment.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JDocument.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JDocumentFragment.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JDocumentType.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JDOMException.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JDOMImplementation.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JEntity.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JEntityReference.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JNamedNodeMap.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JNode.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JNodeList.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JNotation.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JProcessingInstruction.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JSVGDocument.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JSVGElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JSVGPoint.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JSVGRect.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JSVGSVGElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JSVGTextContentElement.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/JText.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/css/JCSSStyleDeclaration.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/events/JEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/events/JKeyEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/events/JMouseEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/events/JUIEvent.class OK
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGViewer.zip=>com/adobe/svg/events/KeyEvent.class OK
C:\WINDOWS\System32\ADPTIF.DLL OK
C:\WINDOWS\System32\ADSLDP.DLL OK
C:\WINDOWS\System32\ADSLDPC.DLL OK
C:\WINDOWS\System32\ADSMSEXT.DLL OK
C:\WINDOWS\System32\ADSNT.DLL OK
C:\WINDOWS\System32\ADVAPI32.DLL OK
C:\WINDOWS\System32\ADVPACK.DLL OK
C:\WINDOWS\System32\AHUI.EXE OK
C:\WINDOWS\System32\ALG.EXE OK
C:\WINDOWS\System32\ALRSVC.DLL OK
C:\WINDOWS\System32\AMCOMPAT.TLB OK
C:\WINDOWS\System32\amstream.dll OK
C:\WINDOWS\System32\ANSI.SYS OK
C:\WINDOWS\System32\APCUPS.DLL OK
C:\WINDOWS\System32\APPEND.EXE OK
C:\WINDOWS\System32\APPHELP.DLL OK
C:\WINDOWS\System32\APPWIZ.CPL OK
C:\WINDOWS\System32\ARP.EXE OK
C:\WINDOWS\System32\arphr.tbl OK
C:\WINDOWS\System32\arptr.tbl OK
C:\WINDOWS\System32\array30.tab OK
C:\WINDOWS\System32\arrayhw.tab OK
C:\WINDOWS\System32\ASCTRLS.OCX OK
C:\WINDOWS\System32\asferror.dll OK
C:\WINDOWS\System32\asfiles.txt OK
C:\WINDOWS\System32\ASFSIPC.DLL OK
C:\WINDOWS\System32\asinst.cfg OK
C:\WINDOWS\System32\asuninst.exe OK
C:\WINDOWS\System32\ASYCFILT.DLL OK
C:\WINDOWS\System32\AT.EXE OK
C:\WINDOWS\System32\ATKCTRS.DLL OK
C:\WINDOWS\System32\ATL.DLL OK
C:\WINDOWS\System32\ATMADM.EXE OK
C:\WINDOWS\System32\ATMFD.DLL OK
C:\WINDOWS\System32\ATMLIB.DLL OK
C:\WINDOWS\System32\ATMPVCNO.DLL OK
C:\WINDOWS\System32\ATRACE.DLL OK
C:\WINDOWS\System32\ATTRIB.EXE OK
C:\WINDOWS\System32\AUDIOSRV.DLL OK
C:\WINDOWS\System32\AUTHZ.DLL OK
C:\WINDOWS\System32\AUTOCHK.EXE OK
C:\WINDOWS\System32\AUTOCONV.EXE OK
C:\WINDOWS\System32\AUTODISC.DLL OK
C:\WINDOWS\System32\AUTOEXEC.NT OK
C:\WINDOWS\System32\AUTOFMT.EXE OK
C:\WINDOWS\System32\AUTOLFN.EXE OK
C:\WINDOWS\System32\AVICAP.DLL OK
C:\WINDOWS\System32\AVICAP32.DLL OK
C:\WINDOWS\System32\AVIFIL32.DLL OK
C:\WINDOWS\System32\AVIFILE.DLL OK
C:\WINDOWS\System32\AVMETER.DLL OK
C:\WINDOWS\System32\AVTAPI.DLL OK
C:\WINDOWS\System32\AVWAV.DLL OK
C:\WINDOWS\System32\AXPSupport.dll OK
C:\WINDOWS\System32\B57exp.cpl OK
C:\WINDOWS\System32\bacs.chm OK
C:\WINDOWS\System32\bacs.chm=>/#SYSTEM OK
C:\WINDOWS\System32\bacs.chm=>/bacs.hhc OK
C:\WINDOWS\System32\bacs.chm=>/bacs.hhk OK
C:\WINDOWS\System32\bacs.chm=>/BACS.htm OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bullet.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/note.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bacs_InstallProd.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bacs_ AdvCtlSte.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/basc2.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bacs_2.JPG OK
C:\WINDOWS\System32\bacs.chm=>/graphics/basc3.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/ascssu6.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/ascsui1.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/ascsui2.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/ascsui3.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/ascsui4.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bacs_VitalSign.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/4401-bacs-diag.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bacs_GenStat.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bacs_IEEEStats.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/bacs_Custom.jpg OK
C:\WINDOWS\System32\bacs.chm=>/graphics/basstat1.gif OK
C:\WINDOWS\System32\bacs.chm=>/graphics/basstat2.gif OK
C:\WINDOWS\System32\bacs.chm=>/dell.css OK
C:\WINDOWS\System32\bacs.chm=>/$WWKeywordLinks/BTree OK
C:\WINDOWS\System32\bacs.chm=>/$WWKeywordLinks/Data OK
C:\WINDOWS\System32\bacs.chm=>/$WWKeywordLinks/Map OK
C:\WINDOWS\System32\bacs.chm=>/$WWKeywordLinks/Property OK
C:\WINDOWS\System32\bacs.chm=>/$WWAssociativeLinks/Property OK
C:\WINDOWS\System32\bacs.chm=>/$OBJINST OK
C:\WINDOWS\System32\bacs.chm=>/$FIftiMain OK
C:\WINDOWS\System32\bacs.chm=>/#IDXHDR OK
C:\WINDOWS\System32\bacs.chm=>/#TOPICS OK
C:\WINDOWS\System32\bacs.chm=>/#URLTBL OK
C:\WINDOWS\System32\bacs.chm=>/#URLSTR OK
C:\WINDOWS\System32\bacs.chm=>/#STRINGS OK
C:\WINDOWS\System32\BacsTray.exe OK
C:\WINDOWS\System32\basesrv.dll OK
C:\WINDOWS\System32\BATMETER.DLL OK
C:\WINDOWS\System32\BATT.DLL OK
C:\WINDOWS\System32\bdaplgin.ax OK
C:\WINDOWS\System32\bdeadmin.cpl OK
C:\WINDOWS\System32\BDEMERGE.INI OK
C:\WINDOWS\System32\BIDISPL.DLL OK
C:\WINDOWS\System32\big5.nls OK
C:\WINDOWS\System32\BIOS1.ROM OK
C:\WINDOWS\System32\BIOS4.ROM OK
C:\WINDOWS\System32\BIOS4.ROM=>REMOVED_NULLS OK
C:\WINDOWS\System32\bits\qmgr.dll OK
C:\WINDOWS\System32\bitsprx2.dll OK
C:\WINDOWS\System32\bitsprx3.dll OK
C:\WINDOWS\System32\blackbox.dll OK
C:\WINDOWS\System32\BMAPI.dll OK
C:\WINDOWS\System32\BOOTOK.EXE OK
C:\WINDOWS\System32\BOOTVID.DLL OK
C:\WINDOWS\System32\BOOTVRFY.EXE OK
C:\WINDOWS\System32\bopomofo.nls OK
C:\WINDOWS\System32\BOPOMOFO.UCE OK
C:\WINDOWS\System32\BROWSELC.DLL OK
C:\WINDOWS\System32\BROWSER.DLL OK
C:\WINDOWS\System32\BROWSEUI.DLL OK
C:\WINDOWS\System32\BROWSEWM.DLL OK
C:\WINDOWS\System32\BSelList.dll OK
C:\WINDOWS\System32\CABINET.DLL OK
C:\WINDOWS\System32\CABVIEW.DLL OK
C:\WINDOWS\System32\cabw32.dll OK
C:\WINDOWS\System32\CACLS.EXE OK
C:\WINDOWS\System32\cal32x20.ocx OK
C:\WINDOWS\System32\CALC.EXE OK
C:\WINDOWS\System32\CAMOCX.DLL OK
C:\WINDOWS\System32\CAPESNPN.DLL OK
C:\WINDOWS\System32\CARDS.DLL OK
C:\WINDOWS\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CLASSES.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\DAJAVAC.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\drm.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\drmclien.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\DX3.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\dxbda.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\dxxp.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\FP4.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IMS.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\js56nen.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB821557.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB823182.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB823559.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB823980.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB824105.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB824141.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB824146.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB825119.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB828035.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB828741.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB833987.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB835732.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB840987.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB841356.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB841533.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB842773.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB867282-IE6SP1-20050127.163319.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB871250.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873333.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873339.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873376.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885250.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885492.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885835.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885836.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888113.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888302.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890047.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890175.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB891711.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB891781.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB898461.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSJDBC.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSMSGS.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSTSWEB.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msxmlx.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NTPRINT.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem12.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem13.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem14.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem17.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem18.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem19.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem20.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem21.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem22.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem26.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem27.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem28.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem29.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem30.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem31.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem32.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem33.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem34.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem35.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem36.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem37.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem38.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem39.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem4.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem40.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem41.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem42.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem43.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem44.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem45.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem46.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem47.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem48.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem49.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem51.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem52.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem53.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem54.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem55.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem56.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem57.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem60.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\olddrm.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\olddrmclien.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oldWMFSDK.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q323255.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q327979.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q328213.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q328310.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q329048.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q329115.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q329170.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q329390.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q329441.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q329834.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q329909.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q331060.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q331953.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q810565.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q810577.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q810833.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q811493.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q811630.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q811789.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\q812415.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q813862.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q814033.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q815021.cat OK
C:\WINDOWS\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Q815485.cat OK
C:\WINDOWS\System32\Cat

#13
Buckeye_Sam

Posted 28 March 2006 - 04:25 PM

Malware Expert

Member
10,019 posts

Good! Did you run the scan with Ewido yet?
Please post the log from it once that scan is complete.

#14
seojyma

Posted 28 March 2006 - 07:11 PM

Member

Topic Starter
Member
10 posts

Sorry, thought I did:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 1:23:20 PM, 3/28/2006
+ Report-Checksum: E829CB93

+ Scan result:

C:\Documents and Settings\Amy\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Amy\My Documents\Ѕymantec\tаskmgr.exe -> Adware.PurityScan : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062469.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062470.exe -> Proxy.Agent.gt : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062471.exe -> Proxy.Agent.gt : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062472.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062473.exe -> Downloader.TSUpdate.l : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062474.exe -> Downloader.TSUpdate.p : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062475.exe -> Downloader.TSUpdate.f : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062476.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062477.exe -> Dropper.VB.kk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062478.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062479.exe -> Downloader.Small.adu : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062480.ocx -> Downloader.VB.ez : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062481.exe -> Dropper.SurfSide.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062482.exe/systb.dll -> Adware.ImiBar : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062483.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062484.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062485.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062486.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062487.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062488.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062489.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062492.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062493.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062494.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062495.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062496.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062497.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062498.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062499.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062500.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062501.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062502.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062503.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062504.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062505.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062506.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062507.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062508.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062509.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062510.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062511.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062512.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062513.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062514.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062515.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062516.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062517.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062518.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062519.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062520.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062521.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062522.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062524.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062525.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062526.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062527.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062528.exe -> Worm.Welchia.b : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062529.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062530.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062531.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062533.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062534.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062535.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062536.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062537.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062538.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062539.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062540.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062541.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062542.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062543.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062544.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062545.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062546.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062547.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062548.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062549.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062550.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062551.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062552.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062553.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062554.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062555.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062556.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062557.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062558.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062559.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062560.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062561.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062562.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062563.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062564.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062565.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062566.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062567.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062568.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062569.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062570.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062571.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062572.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062573.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062574.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062575.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062576.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062577.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062578.exe -> Downloader.Agent.am : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062579.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062580.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062581.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062582.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062583.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062584.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062585.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062586.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062587.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062588.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062589.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062590.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062591.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062592.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062593.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062594.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062595.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062597.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062598.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062599.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062600.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062601.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062602.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062603.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062604.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062605.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062606.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062607.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062608.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062609.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062610.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062611.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062612.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062613.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062614.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062615.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062616.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062617.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062619.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062620.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062621.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062622.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062623.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062624.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062625.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062626.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062627.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062628.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062629.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062630.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062631.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062632.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062633.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062634.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062635.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062636.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062637.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062638.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062639.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062640.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062641.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062642.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062643.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062644.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062645.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062646.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062647.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062648.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062649.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062650.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062651.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062652.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062653.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062654.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062655.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062656.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062657.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062658.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062659.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062660.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062661.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062662.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062663.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062664.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062665.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062666.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062667.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062668.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062669.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062670.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062671.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062672.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062673.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062674.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062675.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062676.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062677.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062678.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062679.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062680.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062681.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062682.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062683.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062684.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062685.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062686.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062687.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062688.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062689.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062690.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062691.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062692.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062693.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062694.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062695.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062696.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062697.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062698.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062699.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062700.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062701.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062702.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062703.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062704.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062705.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062706.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062707.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062708.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062709.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062710.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062711.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062712.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062713.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062714.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062715.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062716.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062717.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062718.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062719.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062720.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062721.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062722.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062723.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062724.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062725.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062726.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062727.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062728.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062729.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062730.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062731.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062732.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062733.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062734.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062735.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062736.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062737.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062739.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062740.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062741.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062743.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062744.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062745.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062746.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062747.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062748.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062749.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062750.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062751.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062752.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062753.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062754.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062755.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062756.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062757.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062758.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062759.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062760.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062761.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062762.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062763.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062764.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062765.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062766.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062767.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062768.EXE -> Worm.Welchia.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062769.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062770.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062771.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062772.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062773.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062774.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062775.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062776.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062777.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062778.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062779.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062780.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062781.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062783.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062784.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062785.bat -> Trojan.Zapchast : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062786.exe -> Dropper.Delf.z : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062787.exe -> Adware.BetterInternet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP927\A0062790.exe -> Adware.PurityScan : Cleaned with backup
C:\WINDOWS\SYSTEM32\Mіcrosoft.NET\wowexec.exe -> Downloader.PurityScan.w : Cleaned with backup

::Report End

#15
Buckeye_Sam

Posted 29 March 2006 - 06:29 AM

Malware Expert

Member
10,019 posts

Flush your system restore, this will delete any restore points that you have but it will also make sure that any malware hiding in system restore will be booted off.

Turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn it back on and create a restore point.

Create a restore point:

Click Start and point to All Programs.
Mouse over Accessories, then System Tools, and select System Restore.
In the System Restore wizard, select the box next the text labeled "Create a
restore point" and click the Next button.
Type a description for your new restore point. Something like "After
cleanup". Click Create and you're done.

Please post a new hijackthis log.
Let me know of any problems that you are still having.