Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PANDA ACTIVE SCAN LOG

Started by rubes , Mar 08 2006 03:18 PM

  • Please log in to reply

#1
rubes
Posted 08 March 2006 - 03:18 PM

rubes

    Member

  • Member
  • PipPip
  • 29 posts
The activescan shows tons of adware, unwanted applications, viruses, trojans, cookies

can you help me get rid of all these please?
here's the Log

Incident Status Location

Adware:adware/azesearch Not disinfected C:\WINDOWS\SYSTEM32\azebar.xml
Adware:adware/swimsuitnetwork Not disinfected C:\WINDOWS\SYSTEM32\MYDLL.dll
Adware:adware/cws.searchmeup Not disinfected C:\WINDOWS\SYSTEM32\paytime.exe
Adware:adware/cashdeluxe Not disinfected C:\WINDOWS\SYSTEM32\shell386.exe
Potentially unwanted tool:application/winfixer2005 Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\UWFX6_0001_N68M2301NetInstaller.exe
Adware:adware/secure32 Not disinfected C:\WINDOWS\country.exe
Adware:adware/downloadware Not disinfected C:\WINDOWS\Digital Signature 20040906.htm
Adware:adware/cws.loadadv Not disinfected C:\WINDOWS\loadadv728.exe
Spyware:application/bestoffer Not disinfected C:\WINDOWS\smdat32a.sys
Adware:adware/isearch Not disinfected C:\WINDOWS\tool2.exe
Adware:adware/elitebar Not disinfected C:\Documents and Settings\Ian\Favorites\Casino & Carrers
Potentially unwanted tool:application/myway Not disinfected HKEY_CLASSES_ROOT\MYWAYSEARCHASSISTANT.AUXILIARY
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Ian\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv470.jar-5c362d1c-49ff0620.zip[Matrix.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Ian\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv661.jar-255146ea-315d52be.zip[Matrix.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Ian\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv661.jar-897c2ff-27c2c801.zip[Matrix.class]
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\Browsedvdwarn.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\Delete Web Proc.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\IDOL TEST ANTE DART.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\rdypembp.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\rrlgaakk.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\sducmvsp.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\tcnhhewm.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\vtevihqe.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Application Data\Default Hold Hide\wykcjhfc.exe
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Leanne\Application Data\Mozilla\Firefox\Profiles\a7zof1g2.default\cookies.txt[]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Leanne\Cookies\[email protected][1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Leanne\Cookies\leanne@winfixer[1].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Local Settings\Temp\ad8f712.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Local Settings\Temp\sta1C4.exe
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\Documents and Settings\Leanne\Local Settings\Temp\temp.frF479\Frec.dll
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\Documents and Settings\Leanne\Local Settings\Temp\temp.frF479\Install.exe
Potentially unwanted tool:Application/Winfixer2005 Not disinfected C:\Documents and Settings\Leanne\Local Settings\Temp\temp.frF479\str.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\8A6OVQBU\upAYB_unk[1].int
Adware:Adware/Lop Not disinfected C:\Program Files\Adverts\uninst.exe
Adware:Adware/AzeSearch Not disinfected C:\WINDOWS\Downloaded Program Files\azesearch.inf
Virus:Trj/Harnig.BU Disinfected C:\WINDOWS\loadadv728.exe


My computer is soo slow and freezes all the time now, and it's relatively good!
I'm surprised it even let me paste this on GeekstoGo, haha

thanks,
  • 0

Advertisements

#2
Flrman1
Posted 08 March 2006 - 05:08 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Before we do anything else, please do this:

* Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Doubleclick on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
Remind me that we need to delete those files that Activescan found if I forget.
  • 0

#3
rubes
Posted 08 March 2006 - 10:27 PM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Here's my hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 11:27:12 PM, on 08/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe
C:\Program Files\Quicktime\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ianruberry.kills.us/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: PopupSentry Class - {00000000-6C30-11D8-9363-000AE6309657} - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\PSBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Quicktime\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.co...l/azesearch.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABWINLO.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Pop-Up Sentry! Service (SABSVC) - SuperAdBlocker.com - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
  • 0

#4
Flrman1
Posted 09 March 2006 - 05:34 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Click here to download ATF Cleaner by Atribune and save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
  • If you use Firefox:
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
[*]Click Exit on the Main menu to close the program.
[/list]
* Click Here and download Killbox and save it to your desktop.


* Click here for info on how to boot to safe mode if you don't already know how.


* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Double-click on Killbox.exe to run it.
  • Put a tick by Standard File Kill.
  • In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

    C:\WINDOWS\system32\nvsvcd.exe

    C:\WINDOWS\SYSTEM32\azebar.xml

    C:\WINDOWS\SYSTEM32\MYDLL.dll

    C:\WINDOWS\SYSTEM32\paytime.exe

    C:\WINDOWS\SYSTEM32\shell386.exe

    C:\WINDOWS\DOWNLOADED PROGRAM FILES\UWFX6_0001_N68M2301NetInstaller.exe

    C:\WINDOWS\country.exe

    C:\WINDOWS\Digital Signature 20040906.htm

    C:\WINDOWS\loadadv728.exe

    C:\WINDOWS\smdat32a.sys

    C:\WINDOWS\tool2.exe

    C:\Documents and Settings\Ian\Favorites\Casino & Carrers

    C:\Documents and Settings\Leanne\Application Data\Default Hold Hide

    C:\Program Files\Adverts

    C:\WINDOWS\Downloaded Program Files\azesearch.inf

  • Click on the button that has the red circle with the X in the middle after you enter each file.
  • It will ask for confimation to delete the file.
  • Click Yes.
  • Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
  • Killbox may tell you that one or more files do not exist.
  • If that happens, just continue on with all the files. Be sure you don't miss any.
  • Exit the Killbox.

* Restart back into Windows normally now.


* Go to Start > Run and type in cmd

Click OK

This will open a command shell. In the command window Copy and Paste the following commands one at a time exactly as the appear below and hit the Enter key after each one:

sc stop nvsvcd

Hit Enter

Next copy and paste this line:

sc delete nvsvcd

Hit Enter

Exit the command prompt.


* Run Kaspersky online virus scan here.

When given the option, choose the "Extended database" for the scan.

When the scan is finished, Save the results from the scan!

Post a new HiJackThis log along with the results from Kaspersky scan
  • 0

#5
rubes
Posted 09 March 2006 - 08:30 PM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Okay, everything works, and i got rid of all those files.

Here's the new log:

Logfile of HijackThis v1.99.1
Scan saved at 9:27:16 PM, on 09/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Ian\Games\Starcraft\Starcraft\starcraft.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ianruberry.kills.us/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: PopupSentry Class - {00000000-6C30-11D8-9363-000AE6309657} - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\PSBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Quicktime\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\JOAN & DAVE\Desktop\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.co...l/azesearch.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABWINLO.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Pop-Up Sentry! Service (SABSVC) - SuperAdBlocker.com - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)





and here's the Kaspersky Log - it found a lot (it's rather long)

Thursday, March 09, 2006 9:26:16 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 10/03/2006
Kaspersky Anti-Virus database records: 181152


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 151785
Number of viruses found 28
Number of infected objects 1180
Number of suspicious objects 0
Duration of the scan process 01:40:28

Infected Object Name Virus Name Last Action
C:\!KillBox\nvsvcd.exe Infected: Backdoor.Win32.IRCBot.nw skipped

C:\AntiVirScan.exe Infected: P2P-Worm.Win32.VB.dy skipped

C:\bac.exe Infected: P2P-Worm.Win32.VB.dy skipped

C:\bac2.exe Infected: P2P-Worm.Win32.VB.dy skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Ahead Nero 7.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Dummy.class-393d648-3d2478da.class.bac_a00824 Infected: Trojan.Java.ClassLoader.Dummy.d skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\fillmemadv470[2].htm.bac_a00824 Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\hardcore arhive.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\iasada.dll.bac_a00824 Infected: not-a-virus:AdWare.Win32.AzSearch.b skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\important update.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\important.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\install.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\install[1].htm.bac_a00824 Infected: Exploit.HTML.CodeBaseExec skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-28679adb-67cccc15.zip.bac_a00824/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-28679adb-67cccc15.zip.bac_a00824/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-28679adb-67cccc15.zip.bac_a00824 ZIP: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-28679adb-67cccc15.zip.bac_a00824 CryptFF.b: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-47723671-541e4e49.zip.bac_a00824/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-47723671-541e4e49.zip.bac_a00824/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-47723671-541e4e49.zip.bac_a00824 ZIP: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-47723671-541e4e49.zip.bac_a00824 CryptFF.b: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-5f22f99-3048147a.zip.bac_a00824/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-5f22f99-3048147a.zip.bac_a00824/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-5f22f99-3048147a.zip.bac_a00824 ZIP: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-5f22f99-3048147a.zip.bac_a00824 CryptFF.b: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-bae16f0-26d6b354.zip.bac_a00824/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-bae16f0-26d6b354.zip.bac_a00824/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-bae16f0-26d6b354.zip.bac_a00824 ZIP: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\java.jar-bae16f0-26d6b354.zip.bac_a00824 CryptFF.b: infected - 2 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Kaspersky Antivirus 5.0.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv470.jar-5c362d1c-49ff0620.zip.bac_a00824/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv470.jar-5c362d1c-49ff0620.zip.bac_a00824 ZIP: infected - 1 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv470.jar-5c362d1c-49ff0620.zip.bac_a00824 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv661.jar-255146ea-315d52be.zip.bac_a00824/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv661.jar-255146ea-315d52be.zip.bac_a00824 ZIP: infected - 1 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv661.jar-255146ea-315d52be.zip.bac_a00824 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv661.jar-897c2ff-27c2c801.zip.bac_a00824/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv661.jar-897c2ff-27c2c801.zip.bac_a00824 ZIP: infected - 1 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\loaderadv661.jar-897c2ff-27c2c801.zip.bac_a00824 CryptFF.b: infected - 1 skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\message.msg .exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Microsoft Office 2003 Crack, Working!.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Microsoft Office XP working Crack, Keygen.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Microsoft Windows XP, WinXP Crack, working Keygen.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\New document.doc .exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\New patch.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\patch.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\[bleep] pics arhive, xxx.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\[bleep] Screensaver.scr.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\[bleep], sex, oral, anal cool, awesome!!.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\rdr type.exe.bac_a00824 Infected: not-a-virus:AdWare.Win32.Lop.ag skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\rinst.exe.bac_a00824 Infected: Trojan-Spy.Win32.Perfloger.e skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Serials.txt .exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\setup.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\sploitadv470[1].anr.bac_a00824 Infected: Trojan-Downloader.Win32.Ani.c skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\text.txt .exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\uninst.tmp.bac_a00824 Infected: Trojan-Spy.Win32.Perfloger.e skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\update.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\WinAmp 6 New!.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Windown Longhorn Beta Leak.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\Windows Sourcecode update.doc .exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\xpladv470[1].wmf.bac_a00824 Infected: Trojan-Downloader.Win32.Agent.acd skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\xpl[1].wmf.bac_a00824 Infected: Trojan-Downloader.Win32.Agent.acd skipped

C:\Documents and Settings\Ian\.housecall\Quarantine\XXX hardcore images.exe.bac_a00824 Infected: Email-Worm.Win32.Bagle.bw skipped

C:\Documents and Settings\Leanne\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv470.jar-5c362d1c-70298d27.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\Documents and Settings\Leanne\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv470.jar-5c362d1c-70298d27.zip ZIP: infected - 1 skipped

C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\KD4M56XP\fillmemadv470[1].htm Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\KD4M56XP\fillmemadv470[2].htm Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\KD4M56XP\fillmemadv470[3].htm Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\KD4M56XP\fillmemadv470[4].htm Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\N3GEF24O\fillmemadv470[1].htm Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\NDQGCHCO\fillmemadv470[1].htm Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Documents and Settings\Leanne\Local Settings\Temporary Internet Files\Content.IE5\T5CXAAG6\fillmemadv470[1].htm Infected: Exploit.JS.CVE-2005-1790.j skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CA14F5F Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CA5795B Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CA82358 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CAF7751 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CB2214D Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CB54B4A Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CB87546 Infected: not-a-virus:AdWare.Win32.Coreak skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CC2733B Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CC94734 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CCC7130 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CCF1B2D Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\0CD91922 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\16CF522E.class Infected: Exploit.Java.ByteVerify skipped

C:\Program Files\Norton AntiVirus\Quarantine\18546019 Infected: not-a-virus:AdWare.Win32.Coreak skipped

C:\Program Files\Norton AntiVirus\Quarantine\203D15BF Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\23E41C17 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\2439729B Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\27E70D2B.class Infected: Exploit.Java.ByteVerify skipped

C:\Program Files\Norton AntiVirus\Quarantine\27EA3727.class Infected: Exploit.Java.ByteVerify skipped

C:\Program Files\Norton AntiVirus\Quarantine\2FCA2E99 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\354A5DBD Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\3B5A6A98 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\3CEB37C8.class Infected: Trojan.Java.ClassLoader.d skipped

C:\Program Files\Norton AntiVirus\Quarantine\3DBA34EF Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\3EAA1960 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\3EAD50AF Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\3F7A243A Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\4167531A Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\42457A11 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\46651BA0.exe Infected: P2P-Worm.Win32.Krepper.c skipped

C:\Program Files\Norton AntiVirus\Quarantine\46EB2696 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\47511C9E Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\49377655 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\49B8722F Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\4AD30DF1 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\4BA318CB Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\516B1E83.class Infected: Trojan.Java.ClassLoader.h skipped

C:\Program Files\Norton AntiVirus\Quarantine\52545751.class Infected: Trojan.Java.ClassLoader.d skipped

C:\Program Files\Norton AntiVirus\Quarantine\55606AE6 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\556D23B7 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\5BB97C5C.class Infected: Trojan.Java.ClassLoader.h skipped

C:\Program Files\Norton AntiVirus\Quarantine\5EB443E5.class Infected: Trojan.Java.ClassLoader.d skipped

C:\Program Files\Norton AntiVirus\Quarantine\69B26271 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\6A8D0FC4 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\6A900967 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\6F827FBE Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\70D2346D Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\71CF474C Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\71D27149 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\73D427CE.class Infected: Trojan.Java.ClassLoader.h skipped

C:\Program Files\Norton AntiVirus\Quarantine\75920C98 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\78337108 Infected: not-a-virus:AdWare.Win32.SmartPops.a skipped

C:\Program Files\Norton AntiVirus\Quarantine\78361B04 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\7B133BBC Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\7DB6021A Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\7DB92C17 Infected: not-a-virus:AdWare.Win32.Look2Me.k skipped

C:\Program Files\Norton AntiVirus\Quarantine\7DBD5613 Infected: not-a-virus:AdWare.Win32.Wintol.l skipped

C:\Program Files\Norton AntiVirus\Quarantine\7F976E0B.class Infected: Exploit.Java.ByteVerify skipped

C:\Program Files\Norton AntiVirus\Quarantine\7F9A1808.class Infected: Exploit.Java.ByteVerify skipped

C:\Program Files\Norton AntiVirus\Quarantine\7F9E4204.class Infected: Exploit.Java.ByteVerify skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP654\A0135891.exe Infected: Trojan-Downloader.Win32.Harnig.bb skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP669\A0136519.exe Infected: not-a-virus:AdWare.Win32.Lop skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136557.exe Infected: not-a-virus:AdWare.Win32.Lop.ag skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136561.exe Infected: not-a-virus:AdWare.Win32.Lop.ag skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136563.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136564.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136565.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136566.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136567.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136568.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136569.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136570.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136571.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136572.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136573.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136574.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136575.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136576.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136577.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136578.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136579.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136580.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136581.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136582.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136583.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136584.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136585.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136586.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136587.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136588.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136589.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136590.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136591.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136592.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136593.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136594.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136595.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136596.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136597.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136598.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136599.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136600.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136601.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136602.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136603.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136604.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136605.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136606.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136607.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136608.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136609.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136610.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136611.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136612.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136613.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136614.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136615.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136616.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136617.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136618.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136619.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136620.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136621.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136622.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136623.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136624.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136625.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136626.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136627.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136628.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136629.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136630.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136631.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136632.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136633.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136634.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136635.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136636.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136637.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136638.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136639.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136640.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136641.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136642.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136643.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136644.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136645.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136646.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136647.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136648.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136649.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136650.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136651.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136652.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136653.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136654.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136655.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136656.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136657.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136658.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136659.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136660.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136661.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136662.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136663.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136664.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136665.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136666.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136667.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136668.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136669.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136670.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136671.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136672.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136673.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136674.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136675.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136676.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136677.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136678.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136679.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136680.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136681.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136682.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136683.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136684.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136685.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136686.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136687.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136688.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136689.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136690.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136691.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136692.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136693.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136694.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136695.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136696.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136697.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136698.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136699.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136700.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136701.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136702.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136703.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136704.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136705.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136706.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136707.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136708.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136709.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136710.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136711.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136712.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136713.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136714.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136715.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136716.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136717.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136718.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136719.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136720.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136721.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136722.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136723.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136724.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136725.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136726.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136727.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136728.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136729.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136730.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136731.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136732.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136733.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136734.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136735.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136736.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136737.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136738.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136739.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136740.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136741.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136742.exe Infected: Email-Worm.Win32.Bagle.bw skipped
  • 0

#6
rubes
Posted 09 March 2006 - 08:33 PM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Kaspersky results CONTINUED

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136743.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136744.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136745.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136746.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136747.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136748.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136749.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136750.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136751.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136752.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136753.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136754.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136755.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136756.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136757.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136758.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136759.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136760.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136761.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136762.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136763.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136764.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136765.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136766.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136767.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136768.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136769.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136770.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136771.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136772.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136773.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136774.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136775.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136776.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136777.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136778.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136779.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136780.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136781.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136782.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136783.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136784.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136785.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136786.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136787.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136788.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136789.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136790.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136791.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136792.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136793.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136794.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136795.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136796.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136797.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136798.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136799.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136800.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136801.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136802.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136803.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136804.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136805.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136806.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136807.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136808.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136809.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136810.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136811.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136812.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136813.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136814.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136815.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136816.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136817.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136818.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136819.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136820.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136821.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136822.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136823.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136824.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136825.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136826.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136827.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136828.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136829.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136830.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136831.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136832.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136833.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136834.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136835.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136836.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136837.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136838.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136839.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136840.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136841.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136842.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136843.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136844.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136845.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136846.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136847.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136848.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136849.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136850.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136851.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136852.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136853.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136854.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136855.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136856.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136857.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136858.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136859.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136860.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136861.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136862.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136863.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136864.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136865.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136866.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136867.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136868.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136869.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136870.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136871.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136872.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136873.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136874.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136875.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136876.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136877.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136878.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136879.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136880.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136881.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136882.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136883.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136884.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136885.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136886.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136887.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136888.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136889.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136890.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136891.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136892.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136893.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136894.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136895.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136896.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136897.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136898.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136899.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136900.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136901.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136902.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136903.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136904.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136905.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136906.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136907.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136908.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136909.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136910.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136911.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136912.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136913.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136914.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136915.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136916.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136917.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136918.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136919.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136920.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136921.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136922.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136923.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136924.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136925.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136926.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136927.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136928.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136929.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136930.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136931.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136932.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136933.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136934.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136935.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136936.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136937.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136938.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136939.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136940.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136941.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136942.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136943.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136944.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136945.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136946.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136947.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136948.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136949.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136950.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136951.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136952.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136953.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136954.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136955.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136956.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136957.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136958.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136959.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136960.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136961.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136962.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136963.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136964.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136965.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136966.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136967.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136968.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136969.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136970.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136971.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136972.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136973.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136974.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136975.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136976.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136977.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136978.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136979.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136980.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136981.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136982.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136983.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136984.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136985.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136986.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136987.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136988.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136989.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136990.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136991.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136992.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136993.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136994.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136995.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136996.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136997.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136998.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0136999.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137000.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137001.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137002.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137003.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137004.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137005.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137006.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137007.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137008.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137009.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137010.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137011.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137012.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137013.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137014.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137015.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137016.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137017.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137018.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137019.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137020.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137021.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137022.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137023.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137024.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137025.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137026.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137027.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137028.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137029.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137030.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137031.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137032.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137033.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137034.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137035.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137036.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137037.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137038.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137039.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137040.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137041.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137042.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137043.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137044.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137045.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137046.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137047.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137048.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137049.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137050.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137051.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137052.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137053.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137054.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137055.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137056.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137057.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137058.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137059.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137060.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137061.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137062.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137063.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137064.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137065.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137066.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137067.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137068.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137069.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137070.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137071.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137072.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137073.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137074.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137075.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137076.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137077.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137078.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137079.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137080.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137081.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137082.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137083.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137084.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137085.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137086.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137087.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137088.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137089.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137090.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137091.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137092.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137093.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137094.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137095.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137096.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137097.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137098.scr Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137099.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137100.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137101.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137102.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137103.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137104.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137105.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137106.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137107.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137108.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137109.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137110.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137111.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137112.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137113.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137114.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137115.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restore{485BCDE0-6F5D-44AC-ADFB-FC4AD5FDC45E}\RP671\A0137116.exe Infected: Email-Worm.Win32.Bagle.bw skipped

C:\System Volume Information\_restor
  • 0

#7
rubes
Posted 09 March 2006 - 08:35 PM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Okay, there isn't room for the rest of this.....
there's like 1100 files

but you can see how the number just increases by 1 at the end of the file.exe

there's about 600 more of those i guess, and then these are the only different ones at the end

C:\WINDOWS\system\smss.exe Infected: Backdoor.Win32.IRCBot.nw skipped

C:\WINDOWS\system32\cacore.dll Infected: not-a-virus:AdWare.Win32.Couponage.a skipped

C:\WINDOWS\system32\casync.dll Infected: not-a-virus:AdWare.Win32.Couponage.c skipped

C:\WINDOWS\system32\netf.dll Infected: Backdoor.Win32.IRCBot.nw skipped

Scan process completed.

What is the system volume information folder do? can i just delete the whole folder?

thanks
  • 0

#8
Flrman1
Posted 10 March 2006 - 07:08 AM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
The files in C:\System Volume Information\_restore are in System Restore. We will deal with those when Im sure everything else is clean by turning off system restore to clear all restore points.

* Go to Control Panel > Java. On the General tab uner "Temporary Internet Files", click the "Delete Files" button tp clear the Java cache.


* Go to Control Panel > Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK. Click on the "Delete Cookies" button to clear all cookies.


* Double-click on Killbox.exe to run it.
  • Put a tick by Delete on Reboot.
  • Copy the following list of files to clipboard:

    C:\WINDOWS\system\smss.exe
    C:\WINDOWS\system32\cacore.dll
    C:\WINDOWS\system32\casync.dll
    C:\WINDOWS\system32\netf.dll

  • Next in Killbox go to File > Paste from clipboard
  • Click on the All Files button.
  • Next click on the button that has the red circle with the white X in the middle.
  • It will ask for confimation to delete the files on next reboot and ask you if you want to reboot now.
  • Click Yes and let the computer reboot.
* After it reboots, go here and do the BitDefender online virus scan.
  • Click "I Agree" to agree to the EULA.
  • Allow the ActiveX control to install when prompted.
  • Click "Click here to scan" to begin the scan.
  • Please refrain from using the computer until the scan is finished.
  • When the scan is finished, click on "Click here to export the scan results"
  • Save the report to your desktop then come back here and attach it to your next reply along with a new Hijack This log..

  • 0

#9
rubes
Posted 10 March 2006 - 10:49 PM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Here's the Report:

BitDefender Online Scanner - Real Time Virus Report



Generated at: Fri, Mar 10, 2006 - 23:46:31


--------------------------------------------------------------------------------





Scan Info



Scanned Files
798919

Infected Files
24








Virus Detected



Java.Trojan.Exploit.Bytverify
4

Trojan.Java.Classloader.G
3

Java.Trojan.Downloader.OpenStream.C
3

Adware.Wheaterbug.A
2

Trojan.Java.Byteverify.Exploit.C
4

Trojan.Exploit.Byteverify.G
4

Trojan.Downloader.Java.Openconnection.AJ
4

Here;s the New HijackTHis Log

Logfile of HijackThis v1.99.1
Scan saved at 11:49:20 PM, on 10/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ianruberry.kills.us/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: PopupSentry Class - {00000000-6C30-11D8-9363-000AE6309657} - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\PSBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Quicktime\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.co...l/azesearch.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABWINLO.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Pop-Up Sentry! Service (SABSVC) - SuperAdBlocker.com - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)
  • 0

#10
Flrman1
Posted 11 March 2006 - 10:55 AM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Go to Start > Run and type in cmd

Click OK

This will open a command shell. In the command window Copy and Paste the following commands one at a time exactly as the appear below and hit the Enter key after each one:

sc stop nvsvcd

Hit Enter

sc delete nvsvcd

Hit Enter

Exit the command prompt.

Restart and post another Hijack This log please.

How is everything now?
  • 0

Advertisements

#11
rubes
Posted 11 March 2006 - 02:59 PM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
That last instruction you gave me.....it doesn't work, cause it says the file isn't there, or isn't an installed application or something.

so the HijackThis log is the same as last time. Don't you think we should still get rid of all the stuff that scan found? and the Panda Scan.

Because the BitDefender Online Scanner didn't get rid of that much. it mostly just said, disinfection failed, etc

should i maybe scan again with Panda?
  • 0

#12
Flrman1
Posted 12 March 2006 - 09:03 AM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Post a new Hijack This log please.
  • 0

#13
rubes
Posted 12 March 2006 - 07:09 PM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Logfile of HijackThis v1.99.1
Scan saved at 8:08:44 PM, on 12/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe
C:\Program Files\Quicktime\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RDSHOST.exe
C:\WINDOWS\system32\sessmgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ianruberry.kills.us/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: PopupSentry Class - {00000000-6C30-11D8-9363-000AE6309657} - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\PSBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Quicktime\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Documents and Settings\Leanne\My Documents\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.co...l/azesearch.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABWINLO.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Pop-Up Sentry! Service (SABSVC) - SuperAdBlocker.com - C:\Program Files\PopUpSentry.com\Pop-Up Sentry!\SABSVC.EXE
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)
  • 0

#14
Flrman1
Posted 13 March 2006 - 08:26 AM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Click here to download regquery.zip. Unzip the regquery.bat file that is in the zip file to your desktop.

Doubleclick on the regquery.bat file to run it. It will open a Look.txt file. Attach the Look.txt file to your next post. Don't try to copy and paste it.
  • 0

#15
rubes
Posted 14 March 2006 - 11:07 AM

rubes

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Here's the Look.txt File

Attached Files

  • Attached File  Look.txt   97.19KB   250 downloads

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP