Sponsored By

beemanbone

Members
  • Content Count

    31
  • Joined

  • Last visited

Everything posted by beemanbone

  1. beemanbone

    Scprot4.exe

    I have very limited computer knowledge. I'm desperate. Any help would be greatly appreciated. This is my log... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:21:43 PM, on 12/19/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\ps2 .exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\dla\tfswctrl .exe C:\WINDOWS\system32\hkcmd .exe C:\WINDOWS\system32\regsvr32.exe C:\WINDOWS\system32\igfxtray .exe C:\WINDOWS\System32\hphmon05 .exe C:\Program Files\Common Files\Real\Update_OB\realsched .exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe C:\Program Files\SecCenter\scprot4 .exe C:\Program Files\Outerinfo\Outerinfo .exe C:\WINDOWS\system32\ctfmon .exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local F3 - REG:win.ini: load=C:\WINDOWS\system32\mljjk.exe O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [nkzezsdw] rundll32.exe "C:\Program Files\yvqdgbir\qdsjihqj.dll",Init O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvwek.dll,startup O4 - HKLM\..\Run: [sC2] C:\Program Files\SecCenter\scprot4.exe O4 - HKLM\..\Run: [pufylujg] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\pufylujg.dll" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Outerinfo] "C:\Program Files\Outerinfo\Outerinfo.exe" O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: APC UPS Status.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609 O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10505 bytes
  2. beemanbone

    Scprot4.exe

    You can count on it!
  3. beemanbone

    Scprot4.exe

    Thank you so much for your assistance and patience. Michael Brandon M.
  4. beemanbone

    Scprot4.exe

    I believe it is outbound, but I'm not sure. It says destination IP is 192.168.1.102. It happens even when I'm not connected to internet. Here are the scan results... Scan taken on 05 Jan 2008 11:45:25 (GMT) A-Squared Found nothing AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing CPsecure Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Ikarus Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Rising Antivirus Found nothing Sophos Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing
  5. beemanbone

    Scprot4.exe

    My computer is running better than ever. There is one thing I noticed, though. I've installed a firewall, and it is constantly blocking the same intrusion. The application is C:\WINDOWS\system32\svchost.exe. Do you think it's a virus or trojan?
  6. beemanbone

    Scprot4.exe

    and finally, Section #4........... I:\RECYCLED\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\RECYCLED\FOLDER.HTT Disinfected I:\audio\soundforge\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\audio\soundforge\FOLDER.HTT Disinfected I:\audio\ACID\songs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\audio\ACID\songs\FOLDER.HTT Disinfected I:\audio\ACID\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\audio\ACID\FOLDER.HTT Disinfected I:\audio\rebirth2\Default Songs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\audio\rebirth2\Default Songs\FOLDER.HTT Disinfected I:\audio\rebirth2\Demo Songs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\audio\rebirth2\Demo Songs\FOLDER.HTT Disinfected I:\audio\rebirth2\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\audio\rebirth2\FOLDER.HTT Disinfected I:\audio\ZILLION\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\audio\ZILLION\FOLDER.HTT Disinfected I:\FAILSAFE.DRV\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\FAILSAFE.DRV\FOLDER.HTT Disinfected I:\unzipped\cdex_130\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\unzipped\cdex_130\FOLDER.HTT Disinfected I:\unzipped\cheatsheet_compiler\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\unzipped\cheatsheet_compiler\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT Disinfected I:\My Documents BEE\Bee's Stuff\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Bee's Stuff\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\system\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\system\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\addons\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\addons\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\skins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\skins\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\logs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\logs\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\sounds\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\sounds\FOLDER.HTT Disinfected I:\My Documents BEE\sysreset\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\sysreset\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\East\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\East\FOLDER.HTT Disinfected I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT Disinfected J:\DATA\EN\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\DATA\EN\FOLDER.HTT Disinfected J:\CPQS\LANG\PQ\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\LANG\PQ\FOLDER.HTT Disinfected J:\CPQS\LANG\QR\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\LANG\QR\FOLDER.HTT Disinfected J:\CPQS\LANG\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\LANG\FOLDER.HTT Disinfected J:\CPQS\BOM\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\BOM\FOLDER.HTT Disinfected J:\CPQS\ACC\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\ACC\FOLDER.HTT Disinfected J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT Disinfected J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT Disinfected J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT Disinfected J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT Disinfected J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT Disinfected J:\CPQS\QRIA\CPQS\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\QRIA\CPQS\FOLDER.HTT Disinfected J:\CPQS\QRIA\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\QRIA\FOLDER.HTT Disinfected J:\CPQS\TOOLS\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\TOOLS\FOLDER.HTT Disinfected J:\CPQS\PATCHES\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\PATCHES\FOLDER.HTT Disinfected J:\CPQS\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQS\FOLDER.HTT Disinfected J:\CPQDRV\1512970A06\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1512970A06\FOLDER.HTT Disinfected J:\CPQDRV\1512970A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1512970A\FOLDER.HTT Disinfected J:\CPQDRV\151297\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151297\FOLDER.HTT Disinfected J:\CPQDRV\151308\B2A30\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151308\B2A30\FOLDER.HTT Disinfected J:\CPQDRV\151308\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151308\B2A\FOLDER.HTT Disinfected J:\CPQDRV\151308\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151308\FOLDER.HTT Disinfected J:\CPQDRV\151360\B2A03\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151360\B2A03\FOLDER.HTT Disinfected J:\CPQDRV\151360\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151360\B2A\FOLDER.HTT Disinfected J:\CPQDRV\151360\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151360\FOLDER.HTT Disinfected J:\CPQDRV\151370\B2A05\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151370\B2A05\FOLDER.HTT Disinfected J:\CPQDRV\151370\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151370\B2A\FOLDER.HTT Disinfected J:\CPQDRV\151370\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151370\FOLDER.HTT Disinfected J:\CPQDRV\1514160A16\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1514160A16\FOLDER.HTT Disinfected J:\CPQDRV\1514160A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1514160A\FOLDER.HTT Disinfected J:\CPQDRV\151416\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151416\FOLDER.HTT Disinfected J:\CPQDRV\1515520A15\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1515520A15\FOLDER.HTT Disinfected J:\CPQDRV\1515520A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1515520A\FOLDER.HTT Disinfected J:\CPQDRV\151552\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151552\FOLDER.HTT Disinfected J:\CPQDRV\151558\B2A12\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151558\B2A12\FOLDER.HTT Disinfected J:\CPQDRV\151558\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151558\B2A\FOLDER.HTT Disinfected J:\CPQDRV\151558\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151558\FOLDER.HTT Disinfected J:\CPQDRV\1515800D01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1515800D01\FOLDER.HTT Disinfected J:\CPQDRV\1515800D\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1515800D\FOLDER.HTT Disinfected J:\CPQDRV\151580\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151580\FOLDER.HTT Disinfected J:\CPQDRV\151616\B2A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151616\B2A01\FOLDER.HTT Disinfected J:\CPQDRV\151616\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151616\B2A\FOLDER.HTT Disinfected J:\CPQDRV\151616\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151616\FOLDER.HTT Disinfected J:\CPQDRV\1516360A05\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516360A05\FOLDER.HTT Disinfected J:\CPQDRV\1516360A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516360A\FOLDER.HTT Disinfected J:\CPQDRV\151636\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151636\FOLDER.HTT Disinfected J:\CPQDRV\1516620A12\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516620A12\FOLDER.HTT Disinfected J:\CPQDRV\1516620A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516620A\FOLDER.HTT Disinfected J:\CPQDRV\151662\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151662\FOLDER.HTT Disinfected J:\CPQDRV\1516890A04\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516890A04\FOLDER.HTT Disinfected J:\CPQDRV\1516890A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516890A\FOLDER.HTT Disinfected J:\CPQDRV\151689\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151689\FOLDER.HTT Disinfected J:\CPQDRV\1516900A04\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516900A04\FOLDER.HTT Disinfected J:\CPQDRV\1516900A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516900A\FOLDER.HTT Disinfected J:\CPQDRV\151690\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151690\FOLDER.HTT Disinfected J:\CPQDRV\1516950A04\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516950A04\FOLDER.HTT Disinfected J:\CPQDRV\1516950A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1516950A\FOLDER.HTT Disinfected J:\CPQDRV\151695\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151695\FOLDER.HTT Disinfected J:\CPQDRV\151697\B2A03\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151697\B2A03\FOLDER.HTT Disinfected J:\CPQDRV\151697\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151697\B2A\FOLDER.HTT Disinfected J:\CPQDRV\151697\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151697\FOLDER.HTT Disinfected J:\CPQDRV\151716\B2A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151716\B2A01\FOLDER.HTT Disinfected J:\CPQDRV\151716\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151716\B2A\FOLDER.HTT Disinfected J:\CPQDRV\151716\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\151716\FOLDER.HTT Disinfected J:\CPQDRV\155959\B2A22\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\155959\B2A22\FOLDER.HTT Disinfected J:\CPQDRV\155959\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\155959\B2A\FOLDER.HTT Disinfected J:\CPQDRV\155959\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\155959\FOLDER.HTT Disinfected J:\CPQDRV\1559920A03\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559920A03\FOLDER.HTT Disinfected J:\CPQDRV\1559920A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559920A\FOLDER.HTT Disinfected J:\CPQDRV\155992\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\155992\FOLDER.HTT Disinfected J:\CPQDRV\1559930A13\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559930A13\FOLDER.HTT Disinfected J:\CPQDRV\1559930A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559930A\FOLDER.HTT Disinfected J:\CPQDRV\155993\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\155993\FOLDER.HTT Disinfected J:\CPQDRV\1559940A06\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559940A06\FOLDER.HTT Disinfected J:\CPQDRV\1559940A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559940A\FOLDER.HTT Disinfected J:\CPQDRV\155994\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\155994\FOLDER.HTT Disinfected J:\CPQDRV\156020\B2A11\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156020\B2A11\FOLDER.HTT Disinfected J:\CPQDRV\156020\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156020\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156020\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156020\FOLDER.HTT Disinfected J:\CPQDRV\1560280A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1560280A01\FOLDER.HTT Disinfected J:\CPQDRV\1560280A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1560280A\FOLDER.HTT Disinfected J:\CPQDRV\156028\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156028\FOLDER.HTT Disinfected J:\CPQDRV\156029\B2A02\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156029\B2A02\FOLDER.HTT Disinfected J:\CPQDRV\156029\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156029\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156029\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156029\FOLDER.HTT Disinfected J:\CPQDRV\1561150A02\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1561150A02\FOLDER.HTT Disinfected J:\CPQDRV\1561150A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1561150A\FOLDER.HTT Disinfected J:\CPQDRV\156115\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156115\FOLDER.HTT Disinfected J:\CPQDRV\156121\B2A02\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156121\B2A02\FOLDER.HTT Disinfected J:\CPQDRV\156121\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156121\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156121\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156121\FOLDER.HTT Disinfected J:\CPQDRV\1561990A04\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1561990A04\FOLDER.HTT Disinfected J:\CPQDRV\1561990A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1561990A\FOLDER.HTT Disinfected J:\CPQDRV\156199\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156199\FOLDER.HTT Disinfected J:\CPQDRV\156208\B2A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156208\B2A01\FOLDER.HTT Disinfected J:\CPQDRV\156208\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156208\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156208\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156208\FOLDER.HTT Disinfected J:\CPQDRV\1562090A04\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562090A04\FOLDER.HTT Disinfected J:\CPQDRV\1562090A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562090A\FOLDER.HTT Disinfected J:\CPQDRV\156209\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156209\FOLDER.HTT Disinfected J:\CPQDRV\1562110A02\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562110A02\FOLDER.HTT Disinfected J:\CPQDRV\1562110A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562110A\FOLDER.HTT Disinfected J:\CPQDRV\156211\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156211\FOLDER.HTT Disinfected J:\CPQDRV\1562130A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562130A01\FOLDER.HTT Disinfected J:\CPQDRV\1562130A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562130A\FOLDER.HTT Disinfected J:\CPQDRV\156213\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156213\FOLDER.HTT Disinfected J:\CPQDRV\1562140A02\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562140A02\FOLDER.HTT Disinfected J:\CPQDRV\1562140A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562140A\FOLDER.HTT Disinfected J:\CPQDRV\156214\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156214\FOLDER.HTT Disinfected J:\CPQDRV\1562220A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562220A01\FOLDER.HTT Disinfected J:\CPQDRV\1562220A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562220A\FOLDER.HTT Disinfected J:\CPQDRV\156222\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156222\FOLDER.HTT Disinfected J:\CPQDRV\1562230A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562230A01\FOLDER.HTT Disinfected J:\CPQDRV\1562230A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562230A\FOLDER.HTT Disinfected J:\CPQDRV\156223\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156223\FOLDER.HTT Disinfected J:\CPQDRV\1562240A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562240A01\FOLDER.HTT Disinfected J:\CPQDRV\1562240A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562240A\FOLDER.HTT Disinfected J:\CPQDRV\156224\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156224\FOLDER.HTT Disinfected J:\CPQDRV\1562250A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562250A01\FOLDER.HTT Disinfected J:\CPQDRV\1562250A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562250A\FOLDER.HTT Disinfected J:\CPQDRV\156225\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156225\FOLDER.HTT Disinfected J:\CPQDRV\1562260A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562260A01\FOLDER.HTT Disinfected J:\CPQDRV\1562260A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562260A\FOLDER.HTT Disinfected J:\CPQDRV\156226\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156226\FOLDER.HTT Disinfected J:\CPQDRV\1562310A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562310A01\FOLDER.HTT Disinfected J:\CPQDRV\1562310A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562310A\FOLDER.HTT Disinfected J:\CPQDRV\156231\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156231\FOLDER.HTT Disinfected J:\CPQDRV\1562500A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562500A01\FOLDER.HTT Disinfected J:\CPQDRV\1562500A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1562500A\FOLDER.HTT Disinfected J:\CPQDRV\156250\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156250\FOLDER.HTT Disinfected J:\CPQDRV\156261\B2A02\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156261\B2A02\FOLDER.HTT Disinfected J:\CPQDRV\156261\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156261\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156261\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156261\FOLDER.HTT Disinfected J:\CPQDRV\156354\B2A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156354\B2A01\FOLDER.HTT Disinfected J:\CPQDRV\156354\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156354\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156354\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156354\FOLDER.HTT Disinfected J:\CPQDRV\156368\B2A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156368\B2A01\FOLDER.HTT Disinfected J:\CPQDRV\156368\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156368\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156368\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156368\FOLDER.HTT Disinfected J:\CPQDRV\ICONS\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\ICONS\FOLDER.HTT Disinfected J:\CPQDRV\1559230A03\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559230A03\FOLDER.HTT Disinfected J:\CPQDRV\1559230A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1559230A\FOLDER.HTT Disinfected J:\CPQDRV\155923\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\155923\FOLDER.HTT Disinfected J:\CPQDRV\1560250A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1560250A01\FOLDER.HTT Disinfected J:\CPQDRV\1560250A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1560250A\FOLDER.HTT Disinfected J:\CPQDRV\156025\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156025\FOLDER.HTT Disinfected J:\CPQDRV\156036\B2A13\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156036\B2A13\FOLDER.HTT Disinfected J:\CPQDRV\156036\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156036\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156036\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156036\FOLDER.HTT Disinfected J:\CPQDRV\156045\B2A06\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156045\B2A06\FOLDER.HTT Disinfected J:\CPQDRV\156045\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156045\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156045\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156045\FOLDER.HTT Disinfected J:\CPQDRV\156080\B2A09\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156080\B2A09\FOLDER.HTT Disinfected J:\CPQDRV\156080\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156080\B2A\FOLDER.HTT Disinfected J:\CPQDRV\156080\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156080\FOLDER.HTT Disinfected J:\CPQDRV\1560850A07\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1560850A07\FOLDER.HTT Disinfected J:\CPQDRV\1560850A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\1560850A\FOLDER.HTT Disinfected J:\CPQDRV\156085\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\156085\FOLDER.HTT Disinfected J:\CPQDRV\3249380H08\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3249380H08\FOLDER.HTT Disinfected J:\CPQDRV\3249380H\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3249380H\FOLDER.HTT Disinfected J:\CPQDRV\324938\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\324938\FOLDER.HTT Disinfected J:\CPQDRV\3249510R18\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3249510R18\FOLDER.HTT Disinfected J:\CPQDRV\3249510R\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3249510R\FOLDER.HTT Disinfected J:\CPQDRV\324951\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\324951\FOLDER.HTT Disinfected J:\CPQDRV\3249990L16\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3249990L16\FOLDER.HTT Disinfected J:\CPQDRV\3249990L\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3249990L\FOLDER.HTT Disinfected J:\CPQDRV\324999\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\324999\FOLDER.HTT Disinfected J:\CPQDRV\3518090D06\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3518090D06\FOLDER.HTT Disinfected J:\CPQDRV\3518090D\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3518090D\FOLDER.HTT Disinfected J:\CPQDRV\351809\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\351809\FOLDER.HTT Disinfected J:\CPQDRV\3520710D04\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3520710D04\FOLDER.HTT Disinfected J:\CPQDRV\3520710D\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3520710D\FOLDER.HTT Disinfected J:\CPQDRV\352071\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352071\FOLDER.HTT Disinfected J:\CPQDRV\352115\B2A19\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352115\B2A19\FOLDER.HTT Disinfected J:\CPQDRV\352115\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352115\B2A\FOLDER.HTT Disinfected J:\CPQDRV\352115\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352115\FOLDER.HTT Disinfected J:\CPQDRV\3522000A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3522000A01\FOLDER.HTT Disinfected J:\CPQDRV\3522000A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\3522000A\FOLDER.HTT Disinfected J:\CPQDRV\352200\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352200\FOLDER.HTT Disinfected J:\CPQDRV\352204\B2A01\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352204\B2A01\FOLDER.HTT Disinfected J:\CPQDRV\352204\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352204\B2A\FOLDER.HTT Disinfected J:\CPQDRV\352204\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\352204\FOLDER.HTT Disinfected J:\CPQDRV\400635\B2A21\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\400635\B2A21\FOLDER.HTT Disinfected J:\CPQDRV\400635\B2A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\400635\B2A\FOLDER.HTT Disinfected J:\CPQDRV\400635\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\400635\FOLDER.HTT Disinfected J:\CPQDRV\4006380A04\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\4006380A04\FOLDER.HTT Disinfected J:\CPQDRV\4006380A\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\4006380A\FOLDER.HTT Disinfected J:\CPQDRV\400638\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\400638\FOLDER.HTT Disinfected J:\CPQDRV\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\CPQDRV\FOLDER.HTT Disinfected J:\RECYCLED\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\RECYCLED\FOLDER.HTT Disinfected J:\msdownld.tmp\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) J:\msdownld.tmp\FOLDER.HTT Disinfected
  7. beemanbone

    Scprot4.exe

    Section #3........ I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Plugins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Plugins\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Config\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Config\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Goodies\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Goodies\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Help\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Help\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Internet\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Internet\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Loops\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Loops\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Artwork\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Artwork\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Samples\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Samples\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Texts\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Texts\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Tools\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Tools\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT Disinfected I:\Program Files\FruityLoops\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\FruityLoops\FOLDER.HTT Disinfected I:\Program Files\igowin\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\igowin\FOLDER.HTT Disinfected I:\Program Files\CHANGJIE\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\CHANGJIE\FOLDER.HTT Disinfected I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT Disinfected I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT Disinfected I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT Disinfected I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT Disinfected I:\Program Files\PowerDVD\Skins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\PowerDVD\Skins\FOLDER.HTT Disinfected I:\Program Files\PowerDVD\HTML\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\PowerDVD\HTML\FOLDER.HTT Disinfected I:\Program Files\PowerDVD\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\PowerDVD\FOLDER.HTT Disinfected
  8. beemanbone

    Scprot4.exe

    Section#2.... I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT Disinfected I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT Disinfected I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT Disinfected I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT Disinfected I:\Program Files\WinRAR\Formats\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\WinRAR\Formats\FOLDER.HTT Disinfected I:\Program Files\Winamp\Skins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Skins\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT Disinfected I:\Program Files\Winamp\Plugins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\Plugins\FOLDER.HTT Disinfected I:\Program Files\Winamp\AOD\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\AOD\FOLDER.HTT Disinfected I:\Program Files\Winamp\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Winamp\FOLDER.HTT Disinfected I:\Program Files\AnalogX\Scratch\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\AnalogX\Scratch\FOLDER.HTT Disinfected I:\Program Files\AnalogX\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\AnalogX\FOLDER.HTT Disinfected I:\Program Files\WinZip\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\WinZip\FOLDER.HTT Disinfected I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT Disinfected I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT Disinfected I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT Disinfected I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT Disinfected I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT Disinfected I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT Disinfected I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT Disinfected I:\Program Files\cdex 130\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\cdex 130\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT Disinfected I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT Disinfected I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT Disinfected I:\Program Files\Adobe\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT Disinfected I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT Infected with: VBS.Redlof.A (HTT) I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT Disinfected
  9. beemanbone

    Scprot4.exe

    I have to split up the log because I think it's too big to post. Here is section #1..... BitDefender Online Scanner Scan report generated at: Fri, Jan 04, 2008 - 15:36:36 Scan path: A:\;C:\;D:\;E:\;F:\;G:\;I:\;J:\; Statistics Time 02:33:47 Files 918957 Folders 12491 Boot Sectors 6 Archives 19116 Packed Files 42240 Results Identified Viruses 7 Infected Files 892 Suspect Files 0 Warnings 0 Disinfected 635 Deleted Files 257 Engines Info Virus Definitions 885451 Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36) Scan plugins 14 Archive plugins 38 Unpack plugins 7 E-mail plugins 6 System plugins 1 Scan Settings First Action Disinfect Second Action Delete Heuristics Yes Enable Warnings Yes Scanned Extensions *; Exclude Extensions Scan Emails Yes Scan Archives Yes Scan Packed Yes Scan Files Yes Scan Boot Yes Scanned File Status C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Deleted C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Deleted C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Deleted C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Deleted C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Deleted C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Deleted C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Deleted C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Deleted C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir Disinfection failed C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir Infected with: MemScan:Trojan.Virtumonde.IN C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir Infected with: Trojan.Vundo.DVD C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir Deleted C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir Infected with: Trojan.Vundo.DTJ C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir Disinfection failed C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir Deleted C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll Infected with: Trojan.Vundo.ZAA C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll Disinfection failed C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll Deleted C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip Updated C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll Infected with: Trojan.Vundo.ZAA C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll Disinfection failed C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll Deleted C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip Updated C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1 Infected with: Trojan.Vundo.DVD C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1 Disinfection failed C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1 Deleted C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip Updated C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll Infected with: Trojan.Vundo.DTJ C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll Disinfection failed C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll Deleted C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip Updated C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll Infected with: Trojan.Vundo.ZAA C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll Disinfection failed C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll Deleted C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip Updated C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe Disinfection failed C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe Deleted C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip Updated C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe Infected with: Trojan.Dropper.Vundo.E C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe Disinfection failed C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe Deleted C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip Updated C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll Infected with: MemScan:Trojan.Virtumonde.IN C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll Infected with: Trojan.Vundo.ZAA C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll Infected with: Trojan.Vundo.DVD C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll Infected with: Trojan.Vundo.DTJ C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe Infected with: Trojan.Dropper.Vundo.E C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe Deleted C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll Infected with: Trojan.Vundo.ZAA C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll Disinfection failed C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll Deleted
  10. beemanbone

    Scprot4.exe

    I'm sorry. Avast says: Pandahttp://acs.pandasoftware.com/activescan/as5free/motor.cab\pskavs.DLL Win32:CTX Virus/Worm
  11. beemanbone

    Scprot4.exe

    Avast says it's trying to download a virus
  12. beemanbone

    Scprot4.exe

    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:30:23 PM, on 1/4/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\system32\ps2.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\System32\hphmon05.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\SiteAdvisor\6253\SAService.exe C:\Program Files\SiteAdvisor\6253\SiteAdv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe O4 - Global Startup: APC UPS Status.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609 O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10709 bytes
  13. beemanbone

    Scprot4.exe

    ComboFix 07-12-31.4 - Owner 2008-01-04 12:26:14.6 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.311 [GMT -6:00] Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe . The following files were disabled during the run: C:\WINDOWS\system32\guard32.dll ((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 ))))))))))))))))))))))))))))))) . 2008-01-04 08:16 . 2008-01-04 08:16 <DIR> d-------- C:\Program Files\SiteAdvisor 2008-01-04 08:16 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor 2008-01-04 08:05 . 2008-01-04 08:07 <DIR> d-------- C:\Program Files\SpywareBlaster 2008-01-04 07:59 . 2008-01-04 07:59 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\SiteAdvisor 2008-01-04 07:59 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor 2008-01-04 07:59 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee 2008-01-04 07:44 . 2008-01-04 07:44 <DIR> d-------- C:\Program Files\COMODO 2008-01-04 07:44 . 2008-01-04 07:44 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Comodo 2008-01-04 07:44 . 2008-01-04 07:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\comodo 2008-01-04 07:44 . 2008-01-04 07:44 139,008 --a------ C:\WINDOWS\system32\guard32.dll.vir 2008-01-04 07:44 . 2008-01-04 07:44 79,096 --a------ C:\WINDOWS\system32\drivers\cmdGuard.sys 2008-01-04 07:44 . 2008-01-04 07:44 23,672 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys 2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-01-02 16:15 . 2007-12-04 06:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2008-01-02 16:15 . 2007-12-04 08:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2008-01-02 16:15 . 2007-12-04 08:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2008-01-02 16:15 . 2007-12-04 08:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2008-01-02 16:15 . 2007-12-04 08:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2008-01-02 16:15 . 2007-12-04 08:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2008-01-02 16:14 . 2008-01-02 16:14 <DIR> d-------- C:\Program Files\Avast4 2008-01-02 16:14 . 2007-12-04 07:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2008-01-02 16:14 . 2004-01-09 03:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe 2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe 2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe 2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe 2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe 2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe 2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert 2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-04 18:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-01-02 22:47 --------- d-----w C:\Program Files\Morpheus 2008-01-02 21:41 --------- d-----w C:\Program Files\Symantec 2008-01-02 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime 2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso 2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys . ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 ))))))))))))))))))))))))))))))))))))))))) . - 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe + 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE - 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe + 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE + 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE + 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe - 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe + 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe - 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe + 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe - 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe + 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe - 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe + 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe + 2008-01-04 13:44:03 74,616 ----a-w C:\WINDOWS\system32\drivers\inspect.sys - 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe + 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe - 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe + 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE + 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll + 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe + 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll + 2008-01-04 14:26:35 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_544.dat + 2008-01-04 13:47:52 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_594.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RecordNow!"="" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360] "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208] "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704] "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472] "PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648] "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896] "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952] "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168] "avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 07:00 79224] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-01-04 07:44 1481984] "SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-12-04 15:03 36640] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032] "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] AGRSMMSG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service] 2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG] 2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05] 2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder] 2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup] 2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] VTTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Viewpoint Manager Service"=2 (0x2) "StarWindService"=2 (0x2) "Pml Driver HPZ12"=3 (0x3) "ose"=3 (0x3) "MDM"=2 (0x2) "LiveUpdate"=3 (0x3) "iPodService"=3 (0x3) "IDriverT"=3 (0x3) "comHost"=3 (0x3) "Bonjour Service"=2 (0x2) "Automatic LiveUpdate Scheduler"=2 (0x2) "Adobe LM Service"=3 (0x3) R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-01-04 07:44] R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-01-04 07:44] R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}] \Shell\AutoRun\command - H:\setupSNK.exe *Newly Created Service* - CMDAGENT *Newly Created Service* - CMDGUARD *Newly Created Service* - CMDHLP *Newly Created Service* - INSPECT *Newly Created Service* - SITEADVISOR_SERVICE . Contents of the 'Scheduled Tasks' folder "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job" - C:\Program Files\AdwareAlert\AdwareAlert.ex - C:\Program Files\AdwareAlert "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job" - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected] . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-04 12:28:22 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\guard32.dll PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180] -> C:\WINDOWS\system32\guard32.dll . Completion time: 2008-01-04 12:29:28 C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 18:29:18 C:\qoobox\ComboFix2.txt 2008-01-03 13:25:41 C:\qoobox\ComboFix3.txt 2008-01-02 19:06:23 C:\qoobox\ComboFix4.txt 2008-01-02 15:02:19 C:\qoobox\ComboFix5.txt 2007-12-20 13:48:47 . 2008-01-04 13:22:12 --- E O F ---
  14. beemanbone

    Scprot4.exe

    Here it is. Ran on Fri 01/04/2008 - 12:15:01.40 Entries: 0 (0) Directories: 0 Files: 0 Bytes: 0 Blocks: 0
  15. beemanbone

    Scprot4.exe

    Here's the log. Ran on Fri 01/04/2008 - 7:25:52.65 ------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe Entries: 1 (1) Directories: 0 Files: 1 Bytes: 84,640 Blocks: 166
  16. beemanbone

    Scprot4.exe

    I: and J: are an external hard drive that I made using my old CPU's hard drive. It also did not run antivirus software. Here is the new ComboFix log: ComboFix 07-12-31.4 - Owner 2008-01-03 7:17:33.5 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.206 [GMT -6:00] Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe . ((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 ))))))))))))))))))))))))))))))) . 2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\LastGood 2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-01-02 16:15 . 2007-12-04 06:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2008-01-02 16:15 . 2007-12-04 08:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2008-01-02 16:15 . 2007-12-04 08:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2008-01-02 16:15 . 2007-12-04 08:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2008-01-02 16:15 . 2007-12-04 08:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2008-01-02 16:15 . 2007-12-04 08:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2008-01-02 16:14 . 2008-01-02 16:14 <DIR> d-------- C:\Program Files\Avast4 2008-01-02 16:14 . 2007-12-04 07:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2008-01-02 16:14 . 2004-01-09 03:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe 2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe 2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe 2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe 2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe 2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe 2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert 2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-02 22:47 --------- d-----w C:\Program Files\Morpheus 2008-01-02 21:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-01-02 21:41 --------- d-----w C:\Program Files\Symantec 2008-01-02 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime 2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso 2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys . ------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 ))))))))))))))))))))))))))))))))))))))))) . - 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe + 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE - 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe + 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE + 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE + 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe - 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe + 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe - 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe + 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe - 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe + 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe - 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe + 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe - 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe + 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe - 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe + 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE + 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll + 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe + 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll + 2008-01-02 23:32:58 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_4f0.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RecordNow!"="" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360] "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208] "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704] "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472] "PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648] "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896] "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952] "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168] "avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 07:00 79224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032] "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] AGRSMMSG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service] 2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG] 2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05] 2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder] 2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup] 2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] VTTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Viewpoint Manager Service"=2 (0x2) "StarWindService"=2 (0x2) "Pml Driver HPZ12"=3 (0x3) "ose"=3 (0x3) "MDM"=2 (0x2) "LiveUpdate"=3 (0x3) "iPodService"=3 (0x3) "IDriverT"=3 (0x3) "comHost"=3 (0x3) "Bonjour Service"=2 (0x2) "Automatic LiveUpdate Scheduler"=2 (0x2) "Adobe LM Service"=3 (0x3) S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}] \Shell\AutoRun\command - H:\setupSNK.exe *Newly Created Service* - AAVMKER4 *Newly Created Service* - ASWMON2 *Newly Created Service* - ASWRDR *Newly Created Service* - ASWTDI *Newly Created Service* - ASWUPDSV *Newly Created Service* - AVAST!_ANTIVIRUS *Newly Created Service* - AVAST!_MAIL_SCANNER *Newly Created Service* - AVAST!_WEB_SCANNER . Contents of the 'Scheduled Tasks' folder "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job" - C:\Program Files\AdwareAlert\AdwareAlert.ex - C:\Program Files\AdwareAlert "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job" - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected] . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-03 07:24:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-01-03 7:25:41 C:\qoobox\ComboFix-quarantined-files.txt 2008-01-03 13:25:18 C:\qoobox\ComboFix2.txt 2008-01-02 19:06:23 C:\qoobox\ComboFix3.txt 2008-01-02 15:02:19 C:\qoobox\ComboFix4.txt 2007-12-20 13:48:47 C:\qoobox\ComboFix5.txt 2007-12-20 04:52:57 . 2008-01-03 13:20:45 --- E O F ---
  17. beemanbone

    Scprot4.exe

    Here is the new hijackthis log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:58:00 PM, on 1/2/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Avast4\ashMaiSv.exe C:\Program Files\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ps2.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\System32\hphmon05.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe O4 - Global Startup: APC UPS Status.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609 O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10062 bytes
  18. beemanbone

    Scprot4.exe

    Here is the log from the virus scan I completed. ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Wednesday, January 02, 2008 11:56:47 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 3/01/2008 Kaspersky Anti-Virus database records: 501803 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ I:\ J:\ Scan Statistics: Total number of scanned objects: 152088 Number of viruses found: 19 Number of infected objects: 922 Number of suspicious objects: 0 Duration of the scan process: 02:57:53 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-01-02_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\cert8.db Object is locked skipped C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\history.dat Object is locked skipped C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\key3.db Object is locked skipped C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\parent.lock Object is locked skipped C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\search.sqlite Object is locked skipped C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped C:\Program Files\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Avast4\DATA\integ\avast.int Object is locked skipped C:\Program Files\Avast4\DATA\log\AshWebSv.ws Object is locked skipped C:\Program Files\Avast4\DATA\log\aswMaiSv.log Object is locked skipped C:\Program Files\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Avast4\DATA\report\Resident protection.txt Object is locked skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\Outerinfo\FF\components\FF.dll.vir Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped C:\qoobox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped C:\qoobox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir NSIS: infected - 1 skipped C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\Program Files\yvqdgbir\qdsjihqj.dll.vir Infected: Trojan-Downloader.Win32.Zlob.fof skipped C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir Infected: Trojan.Win32.Dialer.yz skipped C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha1.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.aa skipped C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha2.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha3.exe.vir Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip ZIP: infected - 1 skipped C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip/rqronno.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cln skipped C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip ZIP: infected - 2 skipped C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/osCheck.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/ccApp.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip ZIP: infected - 3 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057067.dll Infected: Trojan-Downloader.Win32.Zlob.fof skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057068.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.aa skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057069.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057070.exe Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll Infected: Trojan.Win32.Dialer.yz skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057076.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057076.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057081.dll Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll Infected: Virus.Win32.Trats.c skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057249.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057250.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057251.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cln skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll Infected: Virus.Win32.Trats.c skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP836\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{C93236CA-31EC-4962-926C-F618EDDE61EC}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\TEMP\Perflib_Perfdata_4f0.dat Object is locked skipped C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\WinRAR\Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\Plugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\AOD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Winamp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\AnalogX\Scratch\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\AnalogX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\WinZip\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\cdex 130\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Plugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Config\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Goodies\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Internet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Loops\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Samples\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Texts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\FruityLoops\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\igowin\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\CHANGJIE\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\PowerDVD\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\PowerDVD\HTML\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\Program Files\PowerDVD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\RECYCLED\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\audio\soundforge\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\audio\ACID\songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\audio\ACID\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\audio\rebirth2\Default Songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\audio\rebirth2\Demo Songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\audio\rebirth2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\audio\ZILLION\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\FAILSAFE.DRV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\unzipped\cdex_130\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\unzipped\cheatsheet_compiler\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe/WISE0018.BIN/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe/WISE0018.BIN Infected: not-a-virus:AdWare.Win32.Cydoor skipped I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe WiseSFX: infected - 2 skipped I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/NHInstall.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHUninstaller.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHelper.dll Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHUpdater.exe Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009 Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped I:\My Documents BEE\Bee's Stuff\dload\setup.exe NSIS: infected - 6 skipped I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Bee's Stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\system\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\addons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\logs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\sounds\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\sysreset\sysreset251.exe/mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped I:\My Documents BEE\sysreset\sysreset251.exe RAR: infected - 1 skipped I:\My Documents BEE\sysreset\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\East\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\DATA\EN\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\LANG\PQ\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\LANG\QR\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\LANG\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\BOM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\ACC\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\QRIA\CPQS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\QRIA\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\TOOLS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\PATCHES\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1512970A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1512970A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151297\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151308\B2A30\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151308\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151308\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151360\B2A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151360\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151360\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151370\B2A05\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151370\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151370\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1514160A16\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1514160A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151416\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1515520A15\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1515520A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151552\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151558\B2A12\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151558\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151558\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1515800D01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1515800D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151580\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151616\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151616\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151616\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516360A05\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516360A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151636\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516620A12\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516620A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151662\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516890A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516890A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151689\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516900A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516900A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151690\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516950A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1516950A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151695\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151697\B2A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151697\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151697\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151716\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151716\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\151716\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\155959\B2A22\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\155959\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\155959\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559920A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559920A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\155992\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559930A13\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559930A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\155993\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559940A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559940A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\155994\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156020\B2A11\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156020\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156020\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1560280A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1560280A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156028\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156029\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156029\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156029\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1561150A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1561150A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156115\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156121\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156121\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156121\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1561990A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1561990A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156199\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156208\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156208\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156208\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562090A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562090A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156209\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562110A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562110A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156211\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562130A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562130A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156213\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562140A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562140A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156214\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562220A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562220A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156222\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562230A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562230A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156223\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562240A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562240A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156224\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562250A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562250A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156225\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562260A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562260A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156226\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562310A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562310A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156231\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562500A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1562500A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156250\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156261\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156261\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156261\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156354\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156354\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156354\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156368\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156368\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156368\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\ICONS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559230A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1559230A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\155923\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1560250A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1560250A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156025\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156036\B2A13\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156036\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156036\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156045\B2A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156045\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156045\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156080\B2A09\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156080\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156080\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1560850A07\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\1560850A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\156085\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3249380H08\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3249380H\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\324938\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3249510R18\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3249510R\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\324951\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3249990L16\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3249990L\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\324999\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3518090D06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3518090D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\351809\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3520710D04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3520710D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352071\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352115\B2A19\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352115\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352115\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3522000A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\3522000A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352200\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352204\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352204\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\352204\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\400635\B2A21\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\400635\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\400635\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\4006380A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\4006380A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\400638\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\CPQDRV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\RECYCLED\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped J:\msdownld.tmp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped Scan process completed.
  19. beemanbone

    Scprot4.exe

    I believe I have Norton uninstalled. I have downloaded Avast.
  20. beemanbone

    Scprot4.exe

    2006, I think. I believe it's expired. When I go to open Norton, it says it can't find file ccApp.exe.
  21. beemanbone

    Scprot4.exe

    Here's a new HijackThis Log... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:54:55 PM, on 1/2/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\ps2.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\System32\hphmon05.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe O4 - Global Startup: APC UPS Status.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609 O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10375 bytes
  22. beemanbone

    Scprot4.exe

    I can't run Kaspersky Online Scanner. When I go to install the ActiveX component, it says it needs to configure ccCommon and to insert the disc that has ccCommon. The 1st two steps I did. Here is the RenV log.... Ran on Wed 01/02/2008 - 12:57:10.15 ------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe Entries: 1 (1) Directories: 0 Files: 1 Bytes: 84,640 Blocks: 166 Here is the Combofix log............. ComboFix 07-12-31.4 - Owner 2008-01-02 13:03:13.4 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.331 [GMT -6:00] Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Owner\Desktop\CFScript.txt * Created a new restore point FILE C:\WINDOWS\system32\RCX44.tmp C:\WINDOWS\system32\RCX48.tmp C:\WINDOWS\system32\RCX4E.tmp . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\RCX44.tmp C:\WINDOWS\system32\RCX48.tmp C:\WINDOWS\system32\RCX4E.tmp . ((((((((((((((((((((((((( Files Created from 2007-12-02 to 2008-01-02 ))))))))))))))))))))))))))))))) . 2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe 2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe 2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe 2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe 2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-12-20 08:58 . 2007-05-29 13:55 22,112 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys 2007-12-20 08:58 . 2007-05-29 13:55 10,592 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat 2007-12-20 08:58 . 2007-05-29 13:55 705 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf 2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe 2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe 2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert 2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-02 14:55 --------- d-----w C:\Program Files\Norton Internet Security 2008-01-02 14:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime 2007-12-20 14:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2007-12-20 14:56 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2007-12-20 14:56 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2007-12-20 14:56 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-12-20 14:56 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2007-12-20 14:56 --------- d-----w C:\Program Files\Symantec 2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso 2007-12-01 05:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys 2007-12-01 05:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys 2007-12-01 05:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys 2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat 2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat 2007-12-01 05:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat 2007-12-01 05:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf 2007-12-01 05:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf 2007-12-01 05:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf 2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-31 01:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll 2007-10-31 01:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys . ------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 ))))))))))))))))))))))))))))))))))))))))) . - 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe + 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE - 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe + 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE + 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE + 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe - 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe + 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe - 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe + 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe - 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe + 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe - 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe + 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe - 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe + 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe - 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe + 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RecordNow!"="" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360] "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208] "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704] "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472] "PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [ ] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648] "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [ ] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896] "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952] "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032] "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] AGRSMMSG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service] 2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG] 2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05] 2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder] 2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup] 2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] VTTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Viewpoint Manager Service"=2 (0x2) "StarWindService"=2 (0x2) "Pml Driver HPZ12"=3 (0x3) "ose"=3 (0x3) "MDM"=2 (0x2) "LiveUpdate"=3 (0x3) "iPodService"=3 (0x3) "IDriverT"=3 (0x3) "comHost"=3 (0x3) "Bonjour Service"=2 (0x2) "Automatic LiveUpdate Scheduler"=2 (0x2) "Adobe LM Service"=3 (0x3) R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}] \Shell\AutoRun\command - H:\setupSNK.exe *Newly Created Service* - COMHOST . Contents of the 'Scheduled Tasks' folder "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job" - C:\Program Files\AdwareAlert\AdwareAlert.ex - C:\Program Files\AdwareAlert "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job" - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected] "2007-12-15 02:01:35 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Owner.job" - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK: . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-02 13:05:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-01-02 13:06:22 C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 19:06:00 C:\qoobox\ComboFix2.txt 2008-01-02 15:02:19 C:\qoobox\ComboFix3.txt 2007-12-20 13:48:47 C:\qoobox\ComboFix4.txt 2007-12-20 04:52:57 . 2008-01-02 14:35:19 --- E O F ---
  23. beemanbone

    Scprot4.exe

    And here's the other one. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:03:39 AM, on 1/2/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE C:\WINDOWS\system32\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe O4 - Global Startup: APC UPS Status.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609 O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10057 bytes
  24. beemanbone

    Scprot4.exe

    OK. Here's one. ComboFix 07-12-31.4 - Owner 2008-01-02 8:45:18.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.387 [GMT -6:00] Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\Norton Internet Security\osCheck.exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\SMINST\RECGUARD.EXE C:\WINDOWS\system32\ctfmon.exe.tmp C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\hphmon05.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\kjjlm.ini C:\WINDOWS\system32\kjjlm.ini2 C:\WINDOWS\system32\mljjk.dll C:\WINDOWS\system32\mljjk.exe C:\WINDOWS\system32\ps2.exe . ((((((((((((((((((((((((( Files Created from 2007-12-02 to 2008-01-02 ))))))))))))))))))))))))))))))) . 2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-02 01:36 . 2008-01-02 01:37 335,360 --a------ C:\WINDOWS\system32\RCX4E.tmp 2007-12-20 08:58 . 2007-05-29 13:55 22,112 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys 2007-12-20 08:58 . 2007-05-29 13:55 10,592 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat 2007-12-20 08:58 . 2007-05-29 13:55 705 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf 2007-12-20 07:14 . 2007-12-20 07:14 335,360 --a------ C:\WINDOWS\system32\RCX48.tmp 2007-12-19 22:47 . 2004-08-03 23:56 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe 2007-12-19 22:47 . 2004-08-03 23:56 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe 2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft 2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert 2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro 2007-12-19 14:58 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe 2007-12-19 14:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05 .exe 2007-12-19 14:57 . 2007-12-19 14:57 335,360 --a------ C:\WINDOWS\system32\RCX44.tmp 2007-12-19 14:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray .exe 2007-12-19 14:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd .exe 2007-12-19 14:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2 .exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-02 14:55 --------- d-----w C:\Program Files\Norton Internet Security 2008-01-02 14:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime 2007-12-20 14:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2007-12-20 14:56 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2007-12-20 14:56 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-12-20 14:56 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2007-12-20 14:56 --------- d-----w C:\Program Files\Symantec 2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso 2007-12-01 05:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys 2007-12-01 05:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys 2007-12-01 05:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys 2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat 2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat 2007-12-01 05:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat 2007-12-01 05:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf 2007-12-01 05:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf 2007-12-01 05:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf 2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys . ----a-w 57,344 2008-01-02 07:54:05 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe ----a-w 185,896 2008-01-02 07:53:56 C:\Program Files\Common Files\Real\Update_OB\realsched .exe ----a-w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe ----a-w 32,768 2008-01-02 07:54:21 C:\Program Files\HP\Digital Imaging\bin\backupnotify .exe ----a-w 1,694,208 2008-01-02 07:54:43 C:\Program Files\Messenger\msmsgs .exe ----a-w 200,704 2008-01-02 07:54:37 C:\Program Files\Microsoft Money\System\mnyexpr .exe ----a-w 208,952 2007-12-20 13:14:23 C:\WINDOWS\ime\imjp8_1\IMJPMIG .EXE ----a-w 44,032 2007-12-20 13:14:27 C:\WINDOWS\ime\imkr6_1\IMEKRMIG .EXE ----a-w 233,472 2008-01-02 07:53:21 C:\WINDOWS\SMINST\RECGUARD .EXE ----a-w 15,360 2007-12-20 13:14:38 C:\WINDOWS\system32\ctfmon .exe ----a-w 118,784 2008-01-02 07:53:40 C:\WINDOWS\system32\hkcmd .exe ----a-w 483,328 2008-01-02 07:53:35 C:\WINDOWS\system32\hphmon05 .exe ----a-w 155,648 2008-01-02 07:53:31 C:\WINDOWS\system32\igfxtray .exe ----a-w 81,920 2008-01-02 07:53:26 C:\WINDOWS\system32\ps2 .exe ----a-w 114,741 2008-01-02 07:53:56 C:\WINDOWS\system32\dla\tfswctrl .exe ----a-w 59,392 2007-12-20 13:14:26 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst .exe ----a-w 455,168 2007-12-20 13:14:31 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP .EXE ((((((((((((((((((((((((((((( [email protected]_22.51.08.62 ))))))))))))))))))))))))))))))))))))))))) . - 2007-03-13 16:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE + 2000-08-31 14:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE - 2006-09-02 19:34:34 11,968 ----a-w C:\WINDOWS\system32\drivers\symdns.sys + 2007-10-31 01:55:14 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys - 2006-09-02 19:34:42 144,832 ----a-w C:\WINDOWS\system32\drivers\symfw.sys + 2007-10-31 01:55:20 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys - 2006-09-02 19:34:50 39,104 ----a-w C:\WINDOWS\system32\drivers\symids.sys + 2007-10-31 01:55:28 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys - 2006-09-02 19:34:46 33,216 ----a-w C:\WINDOWS\system32\drivers\symndis.sys + 2007-10-31 01:55:24 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys - 2006-09-02 19:35:06 36,032 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys + 2007-10-31 01:55:44 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys - 2006-09-02 19:34:56 26,432 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys + 2007-10-31 01:55:34 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys - 2006-09-02 19:35:00 186,048 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys + 2007-10-31 01:55:38 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys - 2007-09-17 22:39:52 48,776 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL + 2007-12-20 14:56:17 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL - 2007-12-14 03:26:50 156,160 ----a-w C:\WINDOWS\system32\swreg.exe + 2000-08-31 14:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe - 2006-09-02 19:35:16 613,056 ----a-w C:\WINDOWS\system32\SymNeti.dll + 2007-10-31 01:55:50 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll - 2006-09-02 19:35:10 239,808 ----a-w C:\WINDOWS\system32\SymRedir.dll + 2007-10-31 01:55:48 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RecordNow!"="" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360] "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [ ] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ] "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [ ] "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [ ] "PS2"="C:\WINDOWS\system32\ps2.exe" [ ] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [ ] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [ ] "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [ ] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [ ] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [ ] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [ ] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [ ] "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [ ] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-03 21:32 208952] "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2002-08-29 06:00 44032] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 21:31 59392] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032] "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] AGRSMMSG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service] 2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG] 2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05] 2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder] 2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup] 2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] VTTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "Viewpoint Manager Service"=2 (0x2) "StarWindService"=2 (0x2) "Pml Driver HPZ12"=3 (0x3) "ose"=3 (0x3) "MDM"=2 (0x2) "LiveUpdate"=3 (0x3) "iPodService"=3 (0x3) "IDriverT"=3 (0x3) "comHost"=3 (0x3) "Bonjour Service"=2 (0x2) "Automatic LiveUpdate Scheduler"=2 (0x2) "Adobe LM Service"=3 (0x3) R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}] \Shell\AutoRun\command - H:\setupSNK.exe *Newly Created Service* - COMHOST . Contents of the 'Scheduled Tasks' folder "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job" - C:\Program Files\AdwareAlert\AdwareAlert.ex - C:\Program Files\AdwareAlert "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job" - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected] "2007-12-15 02:01:35 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Owner.job" - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK: . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-02 08:57:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-01-02 9:02:19 - machine was rebooted C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 15:02:14 C:\qoobox\ComboFix2.txt 2007-12-20 13:48:47 C:\qoobox\ComboFix3.txt 2007-12-20 04:52:57 . 2008-01-02 14:35:19 --- E O F ---
  25. beemanbone

    Scprot4.exe

    OK. Thanks for your patience. Here's the new log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:59:35 AM, on 1/2/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\ps2 .exe C:\WINDOWS\system32\igfxtray .exe C:\WINDOWS\System32\hphmon05 .exe C:\WINDOWS\system32\hkcmd .exe C:\Program Files\Common Files\Symantec Shared\ccApp .exe C:\Program Files\Common Files\Real\Update_OB\realsched .exe C:\WINDOWS\system32\dla\tfswctrl .exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local F3 - REG:win.ini: load=C:\WINDOWS\system32\mljjk.exe O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3 .exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: APC UPS Status.lnk = ? O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609 O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10427 bytes