beemanbone
-
Content Count
31 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by beemanbone
-
-
Thank you so much for your assistance and patience.
Michael Brandon M.
-
I believe it is outbound, but I'm not sure. It says destination IP is 192.168.1.102. It happens even when I'm not connected to internet.
Here are the scan results...
Scan taken on 05 Jan 2008 11:45:25 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
-
My computer is running better than ever.
There is one thing I noticed, though. I've installed a firewall, and it is constantly blocking the same intrusion. The application is C:\WINDOWS\system32\svchost.exe. Do you think it's a virus or trojan?
-
and finally, Section #4...........
I:\RECYCLED\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\RECYCLED\FOLDER.HTT
Disinfected
I:\audio\soundforge\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\audio\soundforge\FOLDER.HTT
Disinfected
I:\audio\ACID\songs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\audio\ACID\songs\FOLDER.HTT
Disinfected
I:\audio\ACID\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\audio\ACID\FOLDER.HTT
Disinfected
I:\audio\rebirth2\Default Songs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\audio\rebirth2\Default Songs\FOLDER.HTT
Disinfected
I:\audio\rebirth2\Demo Songs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\audio\rebirth2\Demo Songs\FOLDER.HTT
Disinfected
I:\audio\rebirth2\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\audio\rebirth2\FOLDER.HTT
Disinfected
I:\audio\ZILLION\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\audio\ZILLION\FOLDER.HTT
Disinfected
I:\FAILSAFE.DRV\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\FAILSAFE.DRV\FOLDER.HTT
Disinfected
I:\unzipped\cdex_130\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\unzipped\cdex_130\FOLDER.HTT
Disinfected
I:\unzipped\cheatsheet_compiler\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\unzipped\cheatsheet_compiler\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT
Disinfected
I:\My Documents BEE\Bee's Stuff\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Bee's Stuff\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\system\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\system\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\addons\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\addons\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\skins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\skins\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\logs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\logs\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\sounds\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\sounds\FOLDER.HTT
Disinfected
I:\My Documents BEE\sysreset\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\sysreset\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\East\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\East\FOLDER.HTT
Disinfected
I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT
Disinfected
J:\DATA\EN\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\DATA\EN\FOLDER.HTT
Disinfected
J:\CPQS\LANG\PQ\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\LANG\PQ\FOLDER.HTT
Disinfected
J:\CPQS\LANG\QR\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\LANG\QR\FOLDER.HTT
Disinfected
J:\CPQS\LANG\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\LANG\FOLDER.HTT
Disinfected
J:\CPQS\BOM\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\BOM\FOLDER.HTT
Disinfected
J:\CPQS\ACC\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\ACC\FOLDER.HTT
Disinfected
J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT
Disinfected
J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT
Disinfected
J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT
Disinfected
J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT
Disinfected
J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT
Disinfected
J:\CPQS\QRIA\CPQS\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\QRIA\CPQS\FOLDER.HTT
Disinfected
J:\CPQS\QRIA\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\QRIA\FOLDER.HTT
Disinfected
J:\CPQS\TOOLS\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\TOOLS\FOLDER.HTT
Disinfected
J:\CPQS\PATCHES\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\PATCHES\FOLDER.HTT
Disinfected
J:\CPQS\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQS\FOLDER.HTT
Disinfected
J:\CPQDRV\1512970A06\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1512970A06\FOLDER.HTT
Disinfected
J:\CPQDRV\1512970A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1512970A\FOLDER.HTT
Disinfected
J:\CPQDRV\151297\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151297\FOLDER.HTT
Disinfected
J:\CPQDRV\151308\B2A30\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151308\B2A30\FOLDER.HTT
Disinfected
J:\CPQDRV\151308\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151308\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\151308\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151308\FOLDER.HTT
Disinfected
J:\CPQDRV\151360\B2A03\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151360\B2A03\FOLDER.HTT
Disinfected
J:\CPQDRV\151360\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151360\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\151360\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151360\FOLDER.HTT
Disinfected
J:\CPQDRV\151370\B2A05\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151370\B2A05\FOLDER.HTT
Disinfected
J:\CPQDRV\151370\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151370\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\151370\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151370\FOLDER.HTT
Disinfected
J:\CPQDRV\1514160A16\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1514160A16\FOLDER.HTT
Disinfected
J:\CPQDRV\1514160A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1514160A\FOLDER.HTT
Disinfected
J:\CPQDRV\151416\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151416\FOLDER.HTT
Disinfected
J:\CPQDRV\1515520A15\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1515520A15\FOLDER.HTT
Disinfected
J:\CPQDRV\1515520A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1515520A\FOLDER.HTT
Disinfected
J:\CPQDRV\151552\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151552\FOLDER.HTT
Disinfected
J:\CPQDRV\151558\B2A12\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151558\B2A12\FOLDER.HTT
Disinfected
J:\CPQDRV\151558\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151558\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\151558\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151558\FOLDER.HTT
Disinfected
J:\CPQDRV\1515800D01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1515800D01\FOLDER.HTT
Disinfected
J:\CPQDRV\1515800D\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1515800D\FOLDER.HTT
Disinfected
J:\CPQDRV\151580\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151580\FOLDER.HTT
Disinfected
J:\CPQDRV\151616\B2A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151616\B2A01\FOLDER.HTT
Disinfected
J:\CPQDRV\151616\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151616\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\151616\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151616\FOLDER.HTT
Disinfected
J:\CPQDRV\1516360A05\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516360A05\FOLDER.HTT
Disinfected
J:\CPQDRV\1516360A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516360A\FOLDER.HTT
Disinfected
J:\CPQDRV\151636\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151636\FOLDER.HTT
Disinfected
J:\CPQDRV\1516620A12\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516620A12\FOLDER.HTT
Disinfected
J:\CPQDRV\1516620A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516620A\FOLDER.HTT
Disinfected
J:\CPQDRV\151662\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151662\FOLDER.HTT
Disinfected
J:\CPQDRV\1516890A04\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516890A04\FOLDER.HTT
Disinfected
J:\CPQDRV\1516890A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516890A\FOLDER.HTT
Disinfected
J:\CPQDRV\151689\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151689\FOLDER.HTT
Disinfected
J:\CPQDRV\1516900A04\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516900A04\FOLDER.HTT
Disinfected
J:\CPQDRV\1516900A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516900A\FOLDER.HTT
Disinfected
J:\CPQDRV\151690\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151690\FOLDER.HTT
Disinfected
J:\CPQDRV\1516950A04\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516950A04\FOLDER.HTT
Disinfected
J:\CPQDRV\1516950A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1516950A\FOLDER.HTT
Disinfected
J:\CPQDRV\151695\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151695\FOLDER.HTT
Disinfected
J:\CPQDRV\151697\B2A03\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151697\B2A03\FOLDER.HTT
Disinfected
J:\CPQDRV\151697\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151697\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\151697\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151697\FOLDER.HTT
Disinfected
J:\CPQDRV\151716\B2A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151716\B2A01\FOLDER.HTT
Disinfected
J:\CPQDRV\151716\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151716\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\151716\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\151716\FOLDER.HTT
Disinfected
J:\CPQDRV\155959\B2A22\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\155959\B2A22\FOLDER.HTT
Disinfected
J:\CPQDRV\155959\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\155959\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\155959\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\155959\FOLDER.HTT
Disinfected
J:\CPQDRV\1559920A03\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559920A03\FOLDER.HTT
Disinfected
J:\CPQDRV\1559920A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559920A\FOLDER.HTT
Disinfected
J:\CPQDRV\155992\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\155992\FOLDER.HTT
Disinfected
J:\CPQDRV\1559930A13\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559930A13\FOLDER.HTT
Disinfected
J:\CPQDRV\1559930A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559930A\FOLDER.HTT
Disinfected
J:\CPQDRV\155993\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\155993\FOLDER.HTT
Disinfected
J:\CPQDRV\1559940A06\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559940A06\FOLDER.HTT
Disinfected
J:\CPQDRV\1559940A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559940A\FOLDER.HTT
Disinfected
J:\CPQDRV\155994\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\155994\FOLDER.HTT
Disinfected
J:\CPQDRV\156020\B2A11\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156020\B2A11\FOLDER.HTT
Disinfected
J:\CPQDRV\156020\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156020\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156020\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156020\FOLDER.HTT
Disinfected
J:\CPQDRV\1560280A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1560280A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1560280A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1560280A\FOLDER.HTT
Disinfected
J:\CPQDRV\156028\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156028\FOLDER.HTT
Disinfected
J:\CPQDRV\156029\B2A02\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156029\B2A02\FOLDER.HTT
Disinfected
J:\CPQDRV\156029\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156029\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156029\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156029\FOLDER.HTT
Disinfected
J:\CPQDRV\1561150A02\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1561150A02\FOLDER.HTT
Disinfected
J:\CPQDRV\1561150A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1561150A\FOLDER.HTT
Disinfected
J:\CPQDRV\156115\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156115\FOLDER.HTT
Disinfected
J:\CPQDRV\156121\B2A02\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156121\B2A02\FOLDER.HTT
Disinfected
J:\CPQDRV\156121\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156121\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156121\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156121\FOLDER.HTT
Disinfected
J:\CPQDRV\1561990A04\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1561990A04\FOLDER.HTT
Disinfected
J:\CPQDRV\1561990A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1561990A\FOLDER.HTT
Disinfected
J:\CPQDRV\156199\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156199\FOLDER.HTT
Disinfected
J:\CPQDRV\156208\B2A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156208\B2A01\FOLDER.HTT
Disinfected
J:\CPQDRV\156208\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156208\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156208\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156208\FOLDER.HTT
Disinfected
J:\CPQDRV\1562090A04\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562090A04\FOLDER.HTT
Disinfected
J:\CPQDRV\1562090A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562090A\FOLDER.HTT
Disinfected
J:\CPQDRV\156209\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156209\FOLDER.HTT
Disinfected
J:\CPQDRV\1562110A02\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562110A02\FOLDER.HTT
Disinfected
J:\CPQDRV\1562110A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562110A\FOLDER.HTT
Disinfected
J:\CPQDRV\156211\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156211\FOLDER.HTT
Disinfected
J:\CPQDRV\1562130A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562130A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562130A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562130A\FOLDER.HTT
Disinfected
J:\CPQDRV\156213\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156213\FOLDER.HTT
Disinfected
J:\CPQDRV\1562140A02\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562140A02\FOLDER.HTT
Disinfected
J:\CPQDRV\1562140A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562140A\FOLDER.HTT
Disinfected
J:\CPQDRV\156214\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156214\FOLDER.HTT
Disinfected
J:\CPQDRV\1562220A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562220A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562220A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562220A\FOLDER.HTT
Disinfected
J:\CPQDRV\156222\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156222\FOLDER.HTT
Disinfected
J:\CPQDRV\1562230A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562230A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562230A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562230A\FOLDER.HTT
Disinfected
J:\CPQDRV\156223\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156223\FOLDER.HTT
Disinfected
J:\CPQDRV\1562240A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562240A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562240A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562240A\FOLDER.HTT
Disinfected
J:\CPQDRV\156224\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156224\FOLDER.HTT
Disinfected
J:\CPQDRV\1562250A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562250A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562250A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562250A\FOLDER.HTT
Disinfected
J:\CPQDRV\156225\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156225\FOLDER.HTT
Disinfected
J:\CPQDRV\1562260A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562260A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562260A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562260A\FOLDER.HTT
Disinfected
J:\CPQDRV\156226\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156226\FOLDER.HTT
Disinfected
J:\CPQDRV\1562310A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562310A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562310A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562310A\FOLDER.HTT
Disinfected
J:\CPQDRV\156231\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156231\FOLDER.HTT
Disinfected
J:\CPQDRV\1562500A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562500A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1562500A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1562500A\FOLDER.HTT
Disinfected
J:\CPQDRV\156250\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156250\FOLDER.HTT
Disinfected
J:\CPQDRV\156261\B2A02\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156261\B2A02\FOLDER.HTT
Disinfected
J:\CPQDRV\156261\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156261\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156261\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156261\FOLDER.HTT
Disinfected
J:\CPQDRV\156354\B2A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156354\B2A01\FOLDER.HTT
Disinfected
J:\CPQDRV\156354\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156354\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156354\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156354\FOLDER.HTT
Disinfected
J:\CPQDRV\156368\B2A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156368\B2A01\FOLDER.HTT
Disinfected
J:\CPQDRV\156368\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156368\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156368\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156368\FOLDER.HTT
Disinfected
J:\CPQDRV\ICONS\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\ICONS\FOLDER.HTT
Disinfected
J:\CPQDRV\1559230A03\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559230A03\FOLDER.HTT
Disinfected
J:\CPQDRV\1559230A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1559230A\FOLDER.HTT
Disinfected
J:\CPQDRV\155923\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\155923\FOLDER.HTT
Disinfected
J:\CPQDRV\1560250A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1560250A01\FOLDER.HTT
Disinfected
J:\CPQDRV\1560250A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1560250A\FOLDER.HTT
Disinfected
J:\CPQDRV\156025\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156025\FOLDER.HTT
Disinfected
J:\CPQDRV\156036\B2A13\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156036\B2A13\FOLDER.HTT
Disinfected
J:\CPQDRV\156036\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156036\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156036\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156036\FOLDER.HTT
Disinfected
J:\CPQDRV\156045\B2A06\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156045\B2A06\FOLDER.HTT
Disinfected
J:\CPQDRV\156045\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156045\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156045\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156045\FOLDER.HTT
Disinfected
J:\CPQDRV\156080\B2A09\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156080\B2A09\FOLDER.HTT
Disinfected
J:\CPQDRV\156080\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156080\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\156080\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156080\FOLDER.HTT
Disinfected
J:\CPQDRV\1560850A07\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1560850A07\FOLDER.HTT
Disinfected
J:\CPQDRV\1560850A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\1560850A\FOLDER.HTT
Disinfected
J:\CPQDRV\156085\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\156085\FOLDER.HTT
Disinfected
J:\CPQDRV\3249380H08\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3249380H08\FOLDER.HTT
Disinfected
J:\CPQDRV\3249380H\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3249380H\FOLDER.HTT
Disinfected
J:\CPQDRV\324938\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\324938\FOLDER.HTT
Disinfected
J:\CPQDRV\3249510R18\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3249510R18\FOLDER.HTT
Disinfected
J:\CPQDRV\3249510R\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3249510R\FOLDER.HTT
Disinfected
J:\CPQDRV\324951\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\324951\FOLDER.HTT
Disinfected
J:\CPQDRV\3249990L16\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3249990L16\FOLDER.HTT
Disinfected
J:\CPQDRV\3249990L\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3249990L\FOLDER.HTT
Disinfected
J:\CPQDRV\324999\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\324999\FOLDER.HTT
Disinfected
J:\CPQDRV\3518090D06\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3518090D06\FOLDER.HTT
Disinfected
J:\CPQDRV\3518090D\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3518090D\FOLDER.HTT
Disinfected
J:\CPQDRV\351809\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\351809\FOLDER.HTT
Disinfected
J:\CPQDRV\3520710D04\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3520710D04\FOLDER.HTT
Disinfected
J:\CPQDRV\3520710D\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3520710D\FOLDER.HTT
Disinfected
J:\CPQDRV\352071\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352071\FOLDER.HTT
Disinfected
J:\CPQDRV\352115\B2A19\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352115\B2A19\FOLDER.HTT
Disinfected
J:\CPQDRV\352115\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352115\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\352115\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352115\FOLDER.HTT
Disinfected
J:\CPQDRV\3522000A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3522000A01\FOLDER.HTT
Disinfected
J:\CPQDRV\3522000A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\3522000A\FOLDER.HTT
Disinfected
J:\CPQDRV\352200\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352200\FOLDER.HTT
Disinfected
J:\CPQDRV\352204\B2A01\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352204\B2A01\FOLDER.HTT
Disinfected
J:\CPQDRV\352204\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352204\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\352204\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\352204\FOLDER.HTT
Disinfected
J:\CPQDRV\400635\B2A21\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\400635\B2A21\FOLDER.HTT
Disinfected
J:\CPQDRV\400635\B2A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\400635\B2A\FOLDER.HTT
Disinfected
J:\CPQDRV\400635\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\400635\FOLDER.HTT
Disinfected
J:\CPQDRV\4006380A04\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\4006380A04\FOLDER.HTT
Disinfected
J:\CPQDRV\4006380A\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\4006380A\FOLDER.HTT
Disinfected
J:\CPQDRV\400638\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\400638\FOLDER.HTT
Disinfected
J:\CPQDRV\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\CPQDRV\FOLDER.HTT
Disinfected
J:\RECYCLED\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\RECYCLED\FOLDER.HTT
Disinfected
J:\msdownld.tmp\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
J:\msdownld.tmp\FOLDER.HTT
Disinfected
-
Section #3........
I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Plugins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Plugins\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Config\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Config\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Goodies\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Goodies\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Help\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Help\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Internet\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Internet\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Loops\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Loops\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Artwork\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Artwork\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Samples\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Samples\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Texts\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Texts\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Tools\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Tools\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT
Disinfected
I:\Program Files\FruityLoops\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\FruityLoops\FOLDER.HTT
Disinfected
I:\Program Files\igowin\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\igowin\FOLDER.HTT
Disinfected
I:\Program Files\CHANGJIE\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\CHANGJIE\FOLDER.HTT
Disinfected
I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT
Disinfected
I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT
Disinfected
I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT
Disinfected
I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT
Disinfected
I:\Program Files\PowerDVD\Skins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\PowerDVD\Skins\FOLDER.HTT
Disinfected
I:\Program Files\PowerDVD\HTML\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\PowerDVD\HTML\FOLDER.HTT
Disinfected
I:\Program Files\PowerDVD\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\PowerDVD\FOLDER.HTT
Disinfected
-
Section#2....
I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT
Disinfected
I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT
Disinfected
I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT
Disinfected
I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT
Disinfected
I:\Program Files\WinRAR\Formats\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\WinRAR\Formats\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Skins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Skins\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\Plugins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\Plugins\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\AOD\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\AOD\FOLDER.HTT
Disinfected
I:\Program Files\Winamp\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Winamp\FOLDER.HTT
Disinfected
I:\Program Files\AnalogX\Scratch\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\AnalogX\Scratch\FOLDER.HTT
Disinfected
I:\Program Files\AnalogX\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\AnalogX\FOLDER.HTT
Disinfected
I:\Program Files\WinZip\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\WinZip\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT
Disinfected
I:\Program Files\cdex 130\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\cdex 130\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT
Disinfected
I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT
Infected with: VBS.Redlof.A (HTT)
I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT
Disinfected
-
I have to split up the log because I think it's too big to post.
Here is section #1.....
BitDefender Online Scanner
Scan report generated at: Fri, Jan 04, 2008 - 15:36:36
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;I:\;J:\;
Statistics
Time
02:33:47
Files
918957
Folders
12491
Boot Sectors
6
Archives
19116
Packed Files
42240
Results
Identified Viruses
7
Infected Files
892
Suspect Files
0
Warnings
0
Disinfected
635
Deleted Files
257
Engines Info
Virus Definitions
885451
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Deleted
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Deleted
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Deleted
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Deleted
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Deleted
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Deleted
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir
Deleted
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir
Deleted
C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir
Infected with: MemScan:Trojan.Virtumonde.IN
C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir
Infected with: Trojan.Vundo.DVD
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir
Deleted
C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir
Infected with: Trojan.Vundo.DTJ
C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir
Disinfection failed
C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir
Deleted
C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll
Infected with: Trojan.Vundo.ZAA
C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll
Disinfection failed
C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll
Deleted
C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip
Updated
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll
Infected with: Trojan.Vundo.ZAA
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll
Disinfection failed
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll
Deleted
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip
Updated
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1
Infected with: Trojan.Vundo.DVD
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1
Disinfection failed
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1
Deleted
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip
Updated
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll
Infected with: Trojan.Vundo.DTJ
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll
Disinfection failed
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll
Deleted
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip
Updated
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll
Infected with: Trojan.Vundo.ZAA
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll
Disinfection failed
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll
Deleted
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip
Updated
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe
Disinfection failed
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe
Deleted
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip
Updated
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe
Infected with: Trojan.Dropper.Vundo.E
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe
Disinfection failed
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe
Deleted
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip
Updated
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll
Infected with: MemScan:Trojan.Virtumonde.IN
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll
Infected with: Trojan.Vundo.ZAA
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll
Infected with: Trojan.Vundo.DVD
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll
Infected with: Trojan.Vundo.DTJ
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe
Infected with: Trojan.Dropper.Vundo.E
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe
Deleted
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll
Infected with: Trojan.Vundo.ZAA
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll
Disinfection failed
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll
Deleted
-
I'm sorry.
Avast says: Pandahttp://acs.pandasoftware.com/activescan/as5free/motor.cab\pskavs.DLL
Win32:CTX
Virus/Worm
-
Avast says it's trying to download a virus
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:23 PM, on 1/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10709 bytes
-
ComboFix 07-12-31.4 - Owner 2008-01-04 12:26:14.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.311 [GMT -6:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
.
The following files were disabled during the run:
C:\WINDOWS\system32\guard32.dll
((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))
.
2008-01-04 08:16 . 2008-01-04 08:16 <DIR> d-------- C:\Program Files\SiteAdvisor
2008-01-04 08:16 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-01-04 08:05 . 2008-01-04 08:07 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-01-04 07:59 . 2008-01-04 07:59 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\SiteAdvisor
2008-01-04 07:59 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-01-04 07:59 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-01-04 07:44 . 2008-01-04 07:44 <DIR> d-------- C:\Program Files\COMODO
2008-01-04 07:44 . 2008-01-04 07:44 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Comodo
2008-01-04 07:44 . 2008-01-04 07:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-01-04 07:44 . 2008-01-04 07:44 139,008 --a------ C:\WINDOWS\system32\guard32.dll.vir
2008-01-04 07:44 . 2008-01-04 07:44 79,096 --a------ C:\WINDOWS\system32\drivers\cmdGuard.sys
2008-01-04 07:44 . 2008-01-04 07:44 23,672 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-02 16:15 . 2007-12-04 06:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-02 16:15 . 2007-12-04 08:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-02 16:15 . 2007-12-04 08:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-02 16:15 . 2007-12-04 08:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-02 16:15 . 2007-12-04 08:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-02 16:15 . 2007-12-04 08:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-02 16:14 . 2008-01-02 16:14 <DIR> d-------- C:\Program Files\Avast4
2008-01-02 16:14 . 2007-12-04 07:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-02 16:14 . 2004-01-09 03:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe
2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe
2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe
2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe
2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe
2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert
2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 18:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-02 22:47 --------- d-----w C:\Program Files\Morpheus
2008-01-02 21:41 --------- d-----w C:\Program Files\Symantec
2008-01-02 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime
2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso
2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
.
((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe
+ 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE
- 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe
+ 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
+ 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE
+ 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe
- 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe
+ 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe
- 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
+ 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
- 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
+ 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
- 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
+ 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
+ 2008-01-04 13:44:03 74,616 ----a-w C:\WINDOWS\system32\drivers\inspect.sys
- 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe
+ 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
- 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe
+ 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
+ 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-01-04 14:26:35 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_544.dat
+ 2008-01-04 13:47:52 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_594.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360]
"BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704]
"AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]
"avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 07:00 79224]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-01-04 07:44 1481984]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-12-04 15:03 36640]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]
2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]
2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"StarWindService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"MDM"=2 (0x2)
"LiveUpdate"=3 (0x3)
"iPodService"=3 (0x3)
"IDriverT"=3 (0x3)
"comHost"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Automatic LiveUpdate Scheduler"=2 (0x2)
"Adobe LM Service"=3 (0x3)
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-01-04 07:44]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-01-04 07:44]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]
\Shell\AutoRun\command - H:\setupSNK.exe
*Newly Created Service* - CMDAGENT
*Newly Created Service* - CMDGUARD
*Newly Created Service* - CMDHLP
*Newly Created Service* - INSPECT
*Newly Created Service* - SITEADVISOR_SERVICE
.
Contents of the 'Scheduled Tasks' folder
"2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"
- C:\Program Files\AdwareAlert\AdwareAlert.ex
- C:\Program Files\AdwareAlert
"2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 12:28:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\guard32.dll
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\WINDOWS\system32\guard32.dll
.
Completion time: 2008-01-04 12:29:28
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 18:29:18
C:\qoobox\ComboFix2.txt 2008-01-03 13:25:41
C:\qoobox\ComboFix3.txt 2008-01-02 19:06:23
C:\qoobox\ComboFix4.txt 2008-01-02 15:02:19
C:\qoobox\ComboFix5.txt 2007-12-20 13:48:47
.
2008-01-04 13:22:12 --- E O F ---
-
Here it is.
Ran on Fri 01/04/2008 - 12:15:01.40
Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0 -
Here's the log.
Ran on Fri 01/04/2008 - 7:25:52.65
------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
Entries: 1 (1)
Directories: 0 Files: 1
Bytes: 84,640 Blocks: 166 -
I: and J: are an external hard drive that I made using my old CPU's hard drive. It also did not run antivirus software.
Here is the new ComboFix log:
ComboFix 07-12-31.4 - Owner 2008-01-03 7:17:33.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.206 [GMT -6:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 )))))))))))))))))))))))))))))))
.
2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\LastGood
2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-02 16:15 . 2007-12-04 06:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-02 16:15 . 2007-12-04 08:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-02 16:15 . 2007-12-04 08:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-02 16:15 . 2007-12-04 08:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-02 16:15 . 2007-12-04 08:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-02 16:15 . 2007-12-04 08:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-02 16:14 . 2008-01-02 16:14 <DIR> d-------- C:\Program Files\Avast4
2008-01-02 16:14 . 2007-12-04 07:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-02 16:14 . 2004-01-09 03:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe
2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe
2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe
2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe
2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe
2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert
2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-02 22:47 --------- d-----w C:\Program Files\Morpheus
2008-01-02 21:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-02 21:41 --------- d-----w C:\Program Files\Symantec
2008-01-02 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime
2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso
2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
.
------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe
+ 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE
- 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe
+ 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
+ 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE
+ 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe
- 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe
+ 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe
- 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
+ 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
- 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
+ 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
- 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
+ 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
- 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe
+ 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
- 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe
+ 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
+ 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-01-02 23:32:58 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_4f0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360]
"BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704]
"AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]
"avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 07:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]
2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]
2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"StarWindService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"MDM"=2 (0x2)
"LiveUpdate"=3 (0x3)
"iPodService"=3 (0x3)
"IDriverT"=3 (0x3)
"comHost"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Automatic LiveUpdate Scheduler"=2 (0x2)
"Adobe LM Service"=3 (0x3)
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]
\Shell\AutoRun\command - H:\setupSNK.exe
*Newly Created Service* - AAVMKER4
*Newly Created Service* - ASWMON2
*Newly Created Service* - ASWRDR
*Newly Created Service* - ASWTDI
*Newly Created Service* - ASWUPDSV
*Newly Created Service* - AVAST!_ANTIVIRUS
*Newly Created Service* - AVAST!_MAIL_SCANNER
*Newly Created Service* - AVAST!_WEB_SCANNER
.
Contents of the 'Scheduled Tasks' folder
"2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"
- C:\Program Files\AdwareAlert\AdwareAlert.ex
- C:\Program Files\AdwareAlert
"2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-03 07:24:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-03 7:25:41
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-03 13:25:18
C:\qoobox\ComboFix2.txt 2008-01-02 19:06:23
C:\qoobox\ComboFix3.txt 2008-01-02 15:02:19
C:\qoobox\ComboFix4.txt 2007-12-20 13:48:47
C:\qoobox\ComboFix5.txt 2007-12-20 04:52:57
.
2008-01-03 13:20:45 --- E O F ---
-
Here is the new hijackthis log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:00 PM, on 1/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10062 bytes
-
Here is the log from the virus scan I completed.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, January 02, 2008 11:56:47 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 3/01/2008
Kaspersky Anti-Virus database records: 501803
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
I:\
J:\
Scan Statistics:
Total number of scanned objects: 152088
Number of viruses found: 19
Number of infected objects: 922
Number of suspicious objects: 0
Duration of the scan process: 02:57:53
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-01-02_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\cert8.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\history.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\key3.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\parent.lock Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\Outerinfo\FF\components\FF.dll.vir Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped
C:\qoobox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped
C:\qoobox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir NSIS: infected - 1 skipped
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\Program Files\yvqdgbir\qdsjihqj.dll.vir Infected: Trojan-Downloader.Win32.Zlob.fof skipped
C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir Infected: Trojan.Win32.Dialer.yz skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha1.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.aa skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha2.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha3.exe.vir Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped
C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip ZIP: infected - 1 skipped
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip/rqronno.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cln skipped
C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip ZIP: infected - 2 skipped
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/osCheck.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/ccApp.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip ZIP: infected - 3 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057067.dll Infected: Trojan-Downloader.Win32.Zlob.fof skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057068.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.aa skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057069.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057070.exe Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll Infected: Trojan.Win32.Dialer.yz skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057076.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057076.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057081.dll Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll Infected: Virus.Win32.Trats.c skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057249.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057250.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057251.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cln skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll Infected: Virus.Win32.Trats.c skipped
C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP836\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{C93236CA-31EC-4962-926C-F618EDDE61EC}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_4f0.dat Object is locked skipped
C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\WinRAR\Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\Plugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\AOD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Winamp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\AnalogX\Scratch\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\AnalogX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\WinZip\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\cdex 130\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Plugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Config\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Goodies\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Internet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Loops\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Samples\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Texts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\FruityLoops\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\igowin\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\CHANGJIE\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\PowerDVD\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\PowerDVD\HTML\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\Program Files\PowerDVD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\RECYCLED\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\audio\soundforge\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\audio\ACID\songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\audio\ACID\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\audio\rebirth2\Default Songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\audio\rebirth2\Demo Songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\audio\rebirth2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\audio\ZILLION\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\FAILSAFE.DRV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\unzipped\cdex_130\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\unzipped\cheatsheet_compiler\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe/WISE0018.BIN/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe/WISE0018.BIN Infected: not-a-virus:AdWare.Win32.Cydoor skipped
I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe WiseSFX: infected - 2 skipped
I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/NHInstall.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHUninstaller.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHelper.dll Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHUpdater.exe Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009 Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
I:\My Documents BEE\Bee's Stuff\dload\setup.exe NSIS: infected - 6 skipped
I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Bee's Stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\system\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\addons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped
I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\logs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\sounds\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\sysreset\sysreset251.exe/mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped
I:\My Documents BEE\sysreset\sysreset251.exe RAR: infected - 1 skipped
I:\My Documents BEE\sysreset\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\East\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\DATA\EN\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\LANG\PQ\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\LANG\QR\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\LANG\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\BOM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\ACC\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\QRIA\CPQS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\QRIA\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\TOOLS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\PATCHES\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1512970A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1512970A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151297\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151308\B2A30\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151308\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151308\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151360\B2A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151360\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151360\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151370\B2A05\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151370\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151370\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1514160A16\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1514160A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151416\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1515520A15\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1515520A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151552\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151558\B2A12\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151558\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151558\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1515800D01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1515800D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151580\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151616\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151616\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151616\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516360A05\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516360A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151636\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516620A12\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516620A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151662\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516890A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516890A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151689\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516900A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516900A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151690\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516950A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1516950A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151695\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151697\B2A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151697\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151697\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151716\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151716\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\151716\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\155959\B2A22\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\155959\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\155959\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559920A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559920A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\155992\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559930A13\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559930A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\155993\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559940A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559940A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\155994\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156020\B2A11\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156020\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156020\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1560280A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1560280A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156028\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156029\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156029\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156029\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1561150A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1561150A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156115\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156121\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156121\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156121\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1561990A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1561990A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156199\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156208\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156208\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156208\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562090A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562090A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156209\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562110A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562110A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156211\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562130A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562130A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156213\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562140A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562140A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156214\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562220A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562220A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156222\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562230A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562230A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156223\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562240A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562240A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156224\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562250A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562250A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156225\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562260A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562260A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156226\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562310A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562310A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156231\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562500A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1562500A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156250\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156261\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156261\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156261\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156354\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156354\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156354\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156368\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156368\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156368\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\ICONS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559230A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1559230A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\155923\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1560250A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1560250A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156025\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156036\B2A13\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156036\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156036\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156045\B2A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156045\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156045\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156080\B2A09\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156080\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156080\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1560850A07\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\1560850A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\156085\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3249380H08\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3249380H\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\324938\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3249510R18\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3249510R\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\324951\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3249990L16\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3249990L\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\324999\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3518090D06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3518090D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\351809\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3520710D04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3520710D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352071\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352115\B2A19\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352115\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352115\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3522000A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\3522000A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352200\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352204\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352204\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\352204\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\400635\B2A21\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\400635\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\400635\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\4006380A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\4006380A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\400638\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\CPQDRV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\RECYCLED\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
J:\msdownld.tmp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped
Scan process completed.
-
I believe I have Norton uninstalled. I have downloaded Avast.
-
2006, I think. I believe it's expired.
When I go to open Norton, it says it can't find file ccApp.exe.
-
Here's a new HijackThis Log...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:54:55 PM, on 1/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10375 bytes
-
I can't run Kaspersky Online Scanner. When I go to install the ActiveX component, it says it needs to configure ccCommon and to insert the disc that has ccCommon.
The 1st two steps I did. Here is the RenV log....
Ran on Wed 01/02/2008 - 12:57:10.15
------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
Entries: 1 (1)
Directories: 0 Files: 1
Bytes: 84,640 Blocks: 166Here is the Combofix log.............
ComboFix 07-12-31.4 - Owner 2008-01-02 13:03:13.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.331 [GMT -6:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Owner\Desktop\CFScript.txt
* Created a new restore point
FILE
C:\WINDOWS\system32\RCX44.tmp
C:\WINDOWS\system32\RCX48.tmp
C:\WINDOWS\system32\RCX4E.tmp
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\RCX44.tmp
C:\WINDOWS\system32\RCX48.tmp
C:\WINDOWS\system32\RCX4E.tmp
.
((((((((((((((((((((((((( Files Created from 2007-12-02 to 2008-01-02 )))))))))))))))))))))))))))))))
.
2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe
2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe
2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe
2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe
2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-20 08:58 . 2007-05-29 13:55 22,112 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-12-20 08:58 . 2007-05-29 13:55 10,592 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat
2007-12-20 08:58 . 2007-05-29 13:55 705 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf
2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe
2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert
2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-02 14:55 --------- d-----w C:\Program Files\Norton Internet Security
2008-01-02 14:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime
2007-12-20 14:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-20 14:56 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-12-20 14:56 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2007-12-20 14:56 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-12-20 14:56 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-12-20 14:56 --------- d-----w C:\Program Files\Symantec
2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso
2007-12-01 05:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
2007-12-01 05:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
2007-12-01 05:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat
2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat
2007-12-01 05:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat
2007-12-01 05:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf
2007-12-01 05:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf
2007-12-01 05:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf
2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-31 01:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
2007-10-31 01:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
.
------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe
+ 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE
- 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe
+ 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
+ 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE
+ 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe
- 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe
+ 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe
- 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
+ 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
- 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
+ 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
- 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
+ 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
- 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe
+ 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
- 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe
+ 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360]
"BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704]
"AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [ ]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [ ]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]
2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]
2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"StarWindService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"MDM"=2 (0x2)
"LiveUpdate"=3 (0x3)
"iPodService"=3 (0x3)
"IDriverT"=3 (0x3)
"comHost"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Automatic LiveUpdate Scheduler"=2 (0x2)
"Adobe LM Service"=3 (0x3)
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]
\Shell\AutoRun\command - H:\setupSNK.exe
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"
- C:\Program Files\AdwareAlert\AdwareAlert.ex
- C:\Program Files\AdwareAlert
"2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
"2007-12-15 02:01:35 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Owner.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK:
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-02 13:05:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-02 13:06:22
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 19:06:00
C:\qoobox\ComboFix2.txt 2008-01-02 15:02:19
C:\qoobox\ComboFix3.txt 2007-12-20 13:48:47
C:\qoobox\ComboFix4.txt 2007-12-20 04:52:57
.
2008-01-02 14:35:19 --- E O F ---
-
And here's the other one.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:03:39 AM, on 1/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10057 bytes
-
OK. Here's one.
ComboFix 07-12-31.4 - Owner 2008-01-02 8:45:18.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.387 [GMT -6:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\Norton Internet Security\osCheck.exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SMINST\RECGUARD.EXE
C:\WINDOWS\system32\ctfmon.exe.tmp
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\kjjlm.ini
C:\WINDOWS\system32\kjjlm.ini2
C:\WINDOWS\system32\mljjk.dll
C:\WINDOWS\system32\mljjk.exe
C:\WINDOWS\system32\ps2.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-02 to 2008-01-02 )))))))))))))))))))))))))))))))
.
2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-02 01:36 . 2008-01-02 01:37 335,360 --a------ C:\WINDOWS\system32\RCX4E.tmp
2007-12-20 08:58 . 2007-05-29 13:55 22,112 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-12-20 08:58 . 2007-05-29 13:55 10,592 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat
2007-12-20 08:58 . 2007-05-29 13:55 705 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf
2007-12-20 07:14 . 2007-12-20 07:14 335,360 --a------ C:\WINDOWS\system32\RCX48.tmp
2007-12-19 22:47 . 2004-08-03 23:56 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe
2007-12-19 22:47 . 2004-08-03 23:56 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft
2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert
2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-19 14:58 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe
2007-12-19 14:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05 .exe
2007-12-19 14:57 . 2007-12-19 14:57 335,360 --a------ C:\WINDOWS\system32\RCX44.tmp
2007-12-19 14:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray .exe
2007-12-19 14:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd .exe
2007-12-19 14:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2 .exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-02 14:55 --------- d-----w C:\Program Files\Norton Internet Security
2008-01-02 14:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime
2007-12-20 14:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-20 14:56 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-12-20 14:56 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-12-20 14:56 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-12-20 14:56 --------- d-----w C:\Program Files\Symantec
2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso
2007-12-01 05:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
2007-12-01 05:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
2007-12-01 05:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat
2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat
2007-12-01 05:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat
2007-12-01 05:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf
2007-12-01 05:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf
2007-12-01 05:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf
2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
.
----a-w 57,344 2008-01-02 07:54:05 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe
----a-w 185,896 2008-01-02 07:53:56 C:\Program Files\Common Files\Real\Update_OB\realsched .exe
----a-w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
----a-w 32,768 2008-01-02 07:54:21 C:\Program Files\HP\Digital Imaging\bin\backupnotify .exe
----a-w 1,694,208 2008-01-02 07:54:43 C:\Program Files\Messenger\msmsgs .exe
----a-w 200,704 2008-01-02 07:54:37 C:\Program Files\Microsoft Money\System\mnyexpr .exe
----a-w 208,952 2007-12-20 13:14:23 C:\WINDOWS\ime\imjp8_1\IMJPMIG .EXE
----a-w 44,032 2007-12-20 13:14:27 C:\WINDOWS\ime\imkr6_1\IMEKRMIG .EXE
----a-w 233,472 2008-01-02 07:53:21 C:\WINDOWS\SMINST\RECGUARD .EXE
----a-w 15,360 2007-12-20 13:14:38 C:\WINDOWS\system32\ctfmon .exe
----a-w 118,784 2008-01-02 07:53:40 C:\WINDOWS\system32\hkcmd .exe
----a-w 483,328 2008-01-02 07:53:35 C:\WINDOWS\system32\hphmon05 .exe
----a-w 155,648 2008-01-02 07:53:31 C:\WINDOWS\system32\igfxtray .exe
----a-w 81,920 2008-01-02 07:53:26 C:\WINDOWS\system32\ps2 .exe
----a-w 114,741 2008-01-02 07:53:56 C:\WINDOWS\system32\dla\tfswctrl .exe
----a-w 59,392 2007-12-20 13:14:26 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst .exe
----a-w 455,168 2007-12-20 13:14:31 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP .EXE((((((((((((((((((((((((((((( snapshot@2007-12-19_22.51.08.62 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-13 16:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2000-08-31 14:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
- 2006-09-02 19:34:34 11,968 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
+ 2007-10-31 01:55:14 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
- 2006-09-02 19:34:42 144,832 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
+ 2007-10-31 01:55:20 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
- 2006-09-02 19:34:50 39,104 ----a-w C:\WINDOWS\system32\drivers\symids.sys
+ 2007-10-31 01:55:28 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
- 2006-09-02 19:34:46 33,216 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
+ 2007-10-31 01:55:24 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
- 2006-09-02 19:35:06 36,032 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
+ 2007-10-31 01:55:44 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
- 2006-09-02 19:34:56 26,432 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
+ 2007-10-31 01:55:34 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
- 2006-09-02 19:35:00 186,048 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
+ 2007-10-31 01:55:38 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
- 2007-09-17 22:39:52 48,776 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
+ 2007-12-20 14:56:17 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
- 2007-12-14 03:26:50 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 14:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
- 2006-09-02 19:35:16 613,056 ----a-w C:\WINDOWS\system32\SymNeti.dll
+ 2007-10-31 01:55:50 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
- 2006-09-02 19:35:10 239,808 ----a-w C:\WINDOWS\system32\SymRedir.dll
+ 2007-10-31 01:55:48 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]
"BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [ ]
"AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [ ]
"PS2"="C:\WINDOWS\system32\ps2.exe" [ ]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [ ]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [ ]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [ ]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [ ]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [ ]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [ ]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [ ]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-03 21:32 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2002-08-29 06:00 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 21:31 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]
2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]
2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"StarWindService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"MDM"=2 (0x2)
"LiveUpdate"=3 (0x3)
"iPodService"=3 (0x3)
"IDriverT"=3 (0x3)
"comHost"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Automatic LiveUpdate Scheduler"=2 (0x2)
"Adobe LM Service"=3 (0x3)
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]
\Shell\AutoRun\command - H:\setupSNK.exe
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"
- C:\Program Files\AdwareAlert\AdwareAlert.ex
- C:\Program Files\AdwareAlert
"2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"
- C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16
"2007-12-15 02:01:35 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Owner.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK:
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-02 08:57:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-02 9:02:19 - machine was rebooted
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 15:02:14
C:\qoobox\ComboFix2.txt 2007-12-20 13:48:47
C:\qoobox\ComboFix3.txt 2007-12-20 04:52:57
.
2008-01-02 14:35:19 --- E O F ---
-
OK. Thanks for your patience. Here's the new log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:59:35 AM, on 1/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ps2 .exe
C:\WINDOWS\system32\igfxtray .exe
C:\WINDOWS\System32\hphmon05 .exe
C:\WINDOWS\system32\hkcmd .exe
C:\Program Files\Common Files\Symantec Shared\ccApp .exe
C:\Program Files\Common Files\Real\Update_OB\realsched .exe
C:\WINDOWS\system32\dla\tfswctrl .exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
F3 - REG:win.ini: load=C:\WINDOWS\system32\mljjk.exe
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O4 - Startup: PowerReg Scheduler V3 .exe
O4 - Startup: PowerReg Scheduler V3 .exe
O4 - Startup: PowerReg Scheduler V3 .exe
O4 - Startup: PowerReg Scheduler V3 .exe
O4 - Startup: PowerReg Scheduler V3 .exe
O4 - Startup: PowerReg Scheduler V3 .exe
O4 - Startup: PowerReg Scheduler V3 .exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab
O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10427 bytes
-
Hi,
Open Hijack This and place a tick next to this item:
F3 - REG:win.ini: load=C:\WINDOWS\system32\mljjk.exe
Reboot into Safe Mode and delete this file:
C:\WINDOWS\system32\mljjk.exe
Reboot as you normally would, and post another Hijack This log in a reply here.
I am now away from my home for the holidays. I will return to my computer in a week. When I get back, I will follow these steps. Don't forget about me, OK!
P.S.
what's a "tick"?
Scprot4.exe
in Malware Removal
Posted
You can count on it!