beemanbone

Members
  • Content Count

    31
  • Joined

  • Last visited

Posts posted by beemanbone


  1. I believe it is outbound, but I'm not sure. It says destination IP is 192.168.1.102. It happens even when I'm not connected to internet.

    Here are the scan results...

    Scan taken on 05 Jan 2008 11:45:25 (GMT)

    A-Squared

    Found nothing

    AntiVir

    Found nothing

    ArcaVir

    Found nothing

    Avast

    Found nothing

    AVG Antivirus

    Found nothing

    BitDefender

    Found nothing

    ClamAV

    Found nothing

    CPsecure

    Found nothing

    Dr.Web

    Found nothing

    F-Prot Antivirus

    Found nothing

    F-Secure Anti-Virus

    Found nothing

    Fortinet

    Found nothing

    Ikarus

    Found nothing

    Kaspersky Anti-Virus

    Found nothing

    NOD32

    Found nothing

    Norman Virus Control

    Found nothing

    Panda Antivirus

    Found nothing

    Rising Antivirus

    Found nothing

    Sophos Antivirus

    Found nothing

    VirusBuster

    Found nothing

    VBA32

    Found nothing


  2. My computer is running better than ever.

    There is one thing I noticed, though. I've installed a firewall, and it is constantly blocking the same intrusion. The application is C:\WINDOWS\system32\svchost.exe. Do you think it's a virus or trojan?


  3. and finally, Section #4...........

    I:\RECYCLED\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\RECYCLED\FOLDER.HTT

    Disinfected

    I:\audio\soundforge\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\audio\soundforge\FOLDER.HTT

    Disinfected

    I:\audio\ACID\songs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\audio\ACID\songs\FOLDER.HTT

    Disinfected

    I:\audio\ACID\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\audio\ACID\FOLDER.HTT

    Disinfected

    I:\audio\rebirth2\Default Songs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\audio\rebirth2\Default Songs\FOLDER.HTT

    Disinfected

    I:\audio\rebirth2\Demo Songs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\audio\rebirth2\Demo Songs\FOLDER.HTT

    Disinfected

    I:\audio\rebirth2\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\audio\rebirth2\FOLDER.HTT

    Disinfected

    I:\audio\ZILLION\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\audio\ZILLION\FOLDER.HTT

    Disinfected

    I:\FAILSAFE.DRV\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\FAILSAFE.DRV\FOLDER.HTT

    Disinfected

    I:\unzipped\cdex_130\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\unzipped\cdex_130\FOLDER.HTT

    Disinfected

    I:\unzipped\cheatsheet_compiler\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\unzipped\cheatsheet_compiler\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Bee's Stuff\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Bee's Stuff\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\system\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\system\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\addons\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\addons\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\skins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\skins\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\logs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\logs\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\sounds\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\sounds\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\sysreset\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\sysreset\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\East\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\East\FOLDER.HTT

    Disinfected

    I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT

    Disinfected

    J:\DATA\EN\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\DATA\EN\FOLDER.HTT

    Disinfected

    J:\CPQS\LANG\PQ\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\LANG\PQ\FOLDER.HTT

    Disinfected

    J:\CPQS\LANG\QR\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\LANG\QR\FOLDER.HTT

    Disinfected

    J:\CPQS\LANG\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\LANG\FOLDER.HTT

    Disinfected

    J:\CPQS\BOM\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\BOM\FOLDER.HTT

    Disinfected

    J:\CPQS\ACC\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\ACC\FOLDER.HTT

    Disinfected

    J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT

    Disinfected

    J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT

    Disinfected

    J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT

    Disinfected

    J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT

    Disinfected

    J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT

    Disinfected

    J:\CPQS\QRIA\CPQS\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\QRIA\CPQS\FOLDER.HTT

    Disinfected

    J:\CPQS\QRIA\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\QRIA\FOLDER.HTT

    Disinfected

    J:\CPQS\TOOLS\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\TOOLS\FOLDER.HTT

    Disinfected

    J:\CPQS\PATCHES\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\PATCHES\FOLDER.HTT

    Disinfected

    J:\CPQS\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQS\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1512970A06\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1512970A06\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1512970A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1512970A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151297\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151297\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151308\B2A30\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151308\B2A30\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151308\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151308\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151308\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151308\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151360\B2A03\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151360\B2A03\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151360\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151360\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151360\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151360\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151370\B2A05\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151370\B2A05\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151370\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151370\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151370\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151370\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1514160A16\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1514160A16\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1514160A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1514160A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151416\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151416\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1515520A15\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1515520A15\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1515520A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1515520A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151552\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151552\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151558\B2A12\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151558\B2A12\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151558\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151558\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151558\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151558\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1515800D01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1515800D01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1515800D\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1515800D\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151580\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151580\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151616\B2A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151616\B2A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151616\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151616\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151616\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151616\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516360A05\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516360A05\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516360A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516360A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151636\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151636\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516620A12\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516620A12\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516620A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516620A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151662\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151662\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516890A04\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516890A04\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516890A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516890A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151689\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151689\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516900A04\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516900A04\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516900A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516900A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151690\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151690\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516950A04\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516950A04\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1516950A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1516950A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151695\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151695\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151697\B2A03\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151697\B2A03\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151697\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151697\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151697\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151697\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151716\B2A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151716\B2A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151716\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151716\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\151716\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\151716\FOLDER.HTT

    Disinfected

    J:\CPQDRV\155959\B2A22\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\155959\B2A22\FOLDER.HTT

    Disinfected

    J:\CPQDRV\155959\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\155959\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\155959\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\155959\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559920A03\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559920A03\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559920A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559920A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\155992\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\155992\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559930A13\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559930A13\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559930A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559930A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\155993\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\155993\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559940A06\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559940A06\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559940A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559940A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\155994\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\155994\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156020\B2A11\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156020\B2A11\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156020\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156020\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156020\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156020\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1560280A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1560280A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1560280A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1560280A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156028\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156028\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156029\B2A02\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156029\B2A02\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156029\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156029\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156029\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156029\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1561150A02\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1561150A02\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1561150A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1561150A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156115\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156115\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156121\B2A02\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156121\B2A02\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156121\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156121\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156121\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156121\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1561990A04\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1561990A04\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1561990A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1561990A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156199\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156199\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156208\B2A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156208\B2A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156208\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156208\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156208\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156208\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562090A04\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562090A04\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562090A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562090A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156209\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156209\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562110A02\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562110A02\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562110A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562110A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156211\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156211\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562130A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562130A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562130A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562130A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156213\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156213\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562140A02\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562140A02\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562140A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562140A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156214\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156214\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562220A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562220A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562220A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562220A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156222\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156222\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562230A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562230A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562230A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562230A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156223\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156223\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562240A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562240A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562240A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562240A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156224\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156224\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562250A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562250A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562250A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562250A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156225\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156225\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562260A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562260A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562260A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562260A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156226\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156226\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562310A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562310A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562310A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562310A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156231\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156231\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562500A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562500A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1562500A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1562500A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156250\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156250\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156261\B2A02\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156261\B2A02\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156261\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156261\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156261\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156261\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156354\B2A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156354\B2A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156354\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156354\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156354\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156354\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156368\B2A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156368\B2A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156368\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156368\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156368\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156368\FOLDER.HTT

    Disinfected

    J:\CPQDRV\ICONS\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\ICONS\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559230A03\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559230A03\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1559230A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1559230A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\155923\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\155923\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1560250A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1560250A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1560250A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1560250A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156025\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156025\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156036\B2A13\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156036\B2A13\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156036\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156036\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156036\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156036\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156045\B2A06\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156045\B2A06\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156045\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156045\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156045\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156045\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156080\B2A09\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156080\B2A09\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156080\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156080\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156080\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156080\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1560850A07\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1560850A07\FOLDER.HTT

    Disinfected

    J:\CPQDRV\1560850A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\1560850A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\156085\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\156085\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3249380H08\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3249380H08\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3249380H\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3249380H\FOLDER.HTT

    Disinfected

    J:\CPQDRV\324938\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\324938\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3249510R18\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3249510R18\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3249510R\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3249510R\FOLDER.HTT

    Disinfected

    J:\CPQDRV\324951\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\324951\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3249990L16\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3249990L16\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3249990L\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3249990L\FOLDER.HTT

    Disinfected

    J:\CPQDRV\324999\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\324999\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3518090D06\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3518090D06\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3518090D\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3518090D\FOLDER.HTT

    Disinfected

    J:\CPQDRV\351809\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\351809\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3520710D04\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3520710D04\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3520710D\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3520710D\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352071\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352071\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352115\B2A19\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352115\B2A19\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352115\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352115\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352115\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352115\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3522000A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3522000A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\3522000A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\3522000A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352200\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352200\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352204\B2A01\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352204\B2A01\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352204\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352204\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\352204\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\352204\FOLDER.HTT

    Disinfected

    J:\CPQDRV\400635\B2A21\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\400635\B2A21\FOLDER.HTT

    Disinfected

    J:\CPQDRV\400635\B2A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\400635\B2A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\400635\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\400635\FOLDER.HTT

    Disinfected

    J:\CPQDRV\4006380A04\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\4006380A04\FOLDER.HTT

    Disinfected

    J:\CPQDRV\4006380A\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\4006380A\FOLDER.HTT

    Disinfected

    J:\CPQDRV\400638\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\400638\FOLDER.HTT

    Disinfected

    J:\CPQDRV\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\CPQDRV\FOLDER.HTT

    Disinfected

    J:\RECYCLED\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\RECYCLED\FOLDER.HTT

    Disinfected

    J:\msdownld.tmp\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    J:\msdownld.tmp\FOLDER.HTT

    Disinfected


  4. Section #3........

    I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Plugins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Plugins\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Config\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Config\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Goodies\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Goodies\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Help\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Help\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Internet\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Internet\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Loops\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Loops\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Artwork\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Artwork\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Samples\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Samples\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Texts\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Texts\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Tools\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Tools\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT

    Disinfected

    I:\Program Files\FruityLoops\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\FruityLoops\FOLDER.HTT

    Disinfected

    I:\Program Files\igowin\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\igowin\FOLDER.HTT

    Disinfected

    I:\Program Files\CHANGJIE\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\CHANGJIE\FOLDER.HTT

    Disinfected

    I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT

    Disinfected

    I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT

    Disinfected

    I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT

    Disinfected

    I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT

    Disinfected

    I:\Program Files\PowerDVD\Skins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\PowerDVD\Skins\FOLDER.HTT

    Disinfected

    I:\Program Files\PowerDVD\HTML\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\PowerDVD\HTML\FOLDER.HTT

    Disinfected

    I:\Program Files\PowerDVD\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\PowerDVD\FOLDER.HTT

    Disinfected


  5. Section#2....

    I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT

    Disinfected

    I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT

    Disinfected

    I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT

    Disinfected

    I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT

    Disinfected

    I:\Program Files\WinRAR\Formats\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\WinRAR\Formats\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Skins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Skins\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\Plugins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\Plugins\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\AOD\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\AOD\FOLDER.HTT

    Disinfected

    I:\Program Files\Winamp\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Winamp\FOLDER.HTT

    Disinfected

    I:\Program Files\AnalogX\Scratch\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\AnalogX\Scratch\FOLDER.HTT

    Disinfected

    I:\Program Files\AnalogX\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\AnalogX\FOLDER.HTT

    Disinfected

    I:\Program Files\WinZip\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\WinZip\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT

    Disinfected

    I:\Program Files\cdex 130\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\cdex 130\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT

    Disinfected

    I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT

    Infected with: VBS.Redlof.A (HTT)

    I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT

    Disinfected


  6. I have to split up the log because I think it's too big to post.

    Here is section #1.....

    BitDefender Online Scanner

    Scan report generated at: Fri, Jan 04, 2008 - 15:36:36

    Scan path: A:\;C:\;D:\;E:\;F:\;G:\;I:\;J:\;

    Statistics

    Time

    02:33:47

    Files

    918957

    Folders

    12491

    Boot Sectors

    6

    Archives

    19116

    Packed Files

    42240

    Results

    Identified Viruses

    7

    Infected Files

    892

    Suspect Files

    0

    Warnings

    0

    Disinfected

    635

    Deleted Files

    257

    Engines Info

    Virus Definitions

    885451

    Engine build

    AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

    Scan plugins

    14

    Archive plugins

    38

    Unpack plugins

    7

    E-mail plugins

    6

    System plugins

    1

    Scan Settings

    First Action

    Disinfect

    Second Action

    Delete

    Heuristics

    Yes

    Enable Warnings

    Yes

    Scanned Extensions

    *;

    Exclude Extensions

    Scan Emails

    Yes

    Scan Archives

    Yes

    Scan Packed

    Yes

    Scan Files

    Yes

    Scan Boot

    Yes

    Scanned File

    Status

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir

    Infected with: MemScan:Trojan.Virtumonde.IN

    C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir

    Infected with: Trojan.Vundo.DVD

    C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.dll.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir

    Deleted

    C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir

    Infected with: Trojan.Vundo.DTJ

    C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir

    Disinfection failed

    C:\qoobox\Quarantine\C\WINDOWS\system32\rqronno.dll.vir

    Deleted

    C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll

    Infected with: Trojan.Vundo.ZAA

    C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll

    Disinfection failed

    C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip=>mljjk.dll

    Deleted

    C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip

    Updated

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll

    Infected with: Trojan.Vundo.ZAA

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll

    Disinfection failed

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll

    Deleted

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip

    Updated

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1

    Infected with: Trojan.Vundo.DVD

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1

    Disinfection failed

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>mljjk.dll.1

    Deleted

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip

    Updated

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll

    Infected with: Trojan.Vundo.DTJ

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll

    Disinfection failed

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip=>rqronno.dll

    Deleted

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip

    Updated

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll

    Infected with: Trojan.Vundo.ZAA

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll

    Disinfection failed

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>mljjk.dll

    Deleted

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip

    Updated

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe

    Disinfection failed

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>osCheck.exe

    Deleted

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip

    Updated

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe

    Disinfection failed

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip=>ccApp.exe

    Deleted

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip

    Updated

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll

    Infected with: MemScan:Trojan.Virtumonde.IN

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll

    Infected with: Trojan.Vundo.ZAA

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll

    Infected with: Trojan.Vundo.DVD

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057268.dll

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll

    Infected with: Trojan.Vundo.DTJ

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe

    Infected with: Trojan.Dropper.Vundo.E

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe

    Deleted

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll

    Infected with: Trojan.Vundo.ZAA

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll

    Disinfection failed

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll

    Deleted


  7. Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 12:30:23 PM, on 1/4/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    C:\Program Files\Avast4\aswUpdSv.exe

    C:\Program Files\Avast4\ashServ.exe

    C:\WINDOWS\system32\ps2.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\System32\hphmon05.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\dla\tfswctrl.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    C:\PROGRA~1\Avast4\ashDisp.exe

    C:\Program Files\COMODO\Firewall\cfp.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    C:\Program Files\COMODO\Firewall\cmdagent.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\Program Files\Avast4\ashMaiSv.exe

    C:\Program Files\Avast4\ashWebSv.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\SiteAdvisor\6253\SAService.exe

    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\WINDOWS\explorer.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

    O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

    O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s

    O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

    O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot

    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe

    O4 - Global Startup: APC UPS Status.lnk = ?

    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

    O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab

    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

    O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab

    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609

    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab

    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab

    O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll

    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --

    End of file - 10709 bytes


  8. ComboFix 07-12-31.4 - Owner 2008-01-04 12:26:14.6 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.311 [GMT -6:00]

    Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe

    .

    The following files were disabled during the run:

    C:\WINDOWS\system32\guard32.dll

    ((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))

    .

    2008-01-04 08:16 . 2008-01-04 08:16 <DIR> d-------- C:\Program Files\SiteAdvisor

    2008-01-04 08:16 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor

    2008-01-04 08:05 . 2008-01-04 08:07 <DIR> d-------- C:\Program Files\SpywareBlaster

    2008-01-04 07:59 . 2008-01-04 07:59 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\SiteAdvisor

    2008-01-04 07:59 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor

    2008-01-04 07:59 . 2008-01-04 08:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee

    2008-01-04 07:44 . 2008-01-04 07:44 <DIR> d-------- C:\Program Files\COMODO

    2008-01-04 07:44 . 2008-01-04 07:44 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Comodo

    2008-01-04 07:44 . 2008-01-04 07:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\comodo

    2008-01-04 07:44 . 2008-01-04 07:44 139,008 --a------ C:\WINDOWS\system32\guard32.dll.vir

    2008-01-04 07:44 . 2008-01-04 07:44 79,096 --a------ C:\WINDOWS\system32\drivers\cmdGuard.sys

    2008-01-04 07:44 . 2008-01-04 07:44 23,672 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys

    2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab

    2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab

    2008-01-02 16:15 . 2007-12-04 06:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr

    2008-01-02 16:15 . 2007-12-04 08:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

    2008-01-02 16:15 . 2007-12-04 08:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

    2008-01-02 16:15 . 2007-12-04 08:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

    2008-01-02 16:15 . 2007-12-04 08:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

    2008-01-02 16:15 . 2007-12-04 08:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

    2008-01-02 16:14 . 2008-01-02 16:14 <DIR> d-------- C:\Program Files\Avast4

    2008-01-02 16:14 . 2007-12-04 07:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe

    2008-01-02 16:14 . 2004-01-09 03:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx

    2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe

    2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe

    2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe

    2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe

    2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe

    2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe

    2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe

    2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe

    2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

    2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe

    2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe

    2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

    2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

    2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard

    2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert

    2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2008-01-04 18:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared

    2008-01-02 22:47 --------- d-----w C:\Program Files\Morpheus

    2008-01-02 21:41 --------- d-----w C:\Program Files\Symantec

    2008-01-02 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

    2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime

    2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

    2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso

    2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer

    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

    2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll

    2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll

    2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys

    .

    ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe

    + 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE

    - 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe

    + 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    + 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE

    + 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe

    - 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe

    + 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe

    - 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe

    + 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe

    - 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe

    + 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe

    - 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe

    + 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe

    + 2008-01-04 13:44:03 74,616 ----a-w C:\WINDOWS\system32\drivers\inspect.sys

    - 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe

    + 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

    - 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe

    + 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

    + 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll

    + 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

    + 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll

    + 2008-01-04 14:26:35 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_544.dat

    + 2008-01-04 13:47:52 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_594.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "RecordNow!"="" []

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360]

    "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768]

    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208]

    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704]

    "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472]

    "PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920]

    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648]

    "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328]

    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784]

    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741]

    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896]

    "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]

    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344]

    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952]

    "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032]

    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392]

    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]

    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]

    "avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 07:00 79224]

    "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-01-04 07:44 1481984]

    "SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-12-04 15:03 36640]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]

    "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk

    backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk

    backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

    2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

    AGRSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]

    2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

    rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]

    2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]

    2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

    1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

    2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

    2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]

    2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]

    C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

    2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]

    2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

    c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

    VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

    "Viewpoint Manager Service"=2 (0x2)

    "StarWindService"=2 (0x2)

    "Pml Driver HPZ12"=3 (0x3)

    "ose"=3 (0x3)

    "MDM"=2 (0x2)

    "LiveUpdate"=3 (0x3)

    "iPodService"=3 (0x3)

    "IDriverT"=3 (0x3)

    "comHost"=3 (0x3)

    "Bonjour Service"=2 (0x2)

    "Automatic LiveUpdate Scheduler"=2 (0x2)

    "Adobe LM Service"=3 (0x3)

    R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-01-04 07:44]

    R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-01-04 07:44]

    R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]

    \Shell\AutoRun\command - H:\setupSNK.exe

    *Newly Created Service* - CMDAGENT

    *Newly Created Service* - CMDGUARD

    *Newly Created Service* - CMDHLP

    *Newly Created Service* - INSPECT

    *Newly Created Service* - SITEADVISOR_SERVICE

    .

    Contents of the 'Scheduled Tasks' folder

    "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"

    - C:\Program Files\AdwareAlert\AdwareAlert.ex

    - C:\Program Files\AdwareAlert

    "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"

    - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected]

    .

    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-01-04 12:28:22

    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe

    -> C:\WINDOWS\system32\guard32.dll

    PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]

    -> C:\WINDOWS\system32\guard32.dll

    .

    Completion time: 2008-01-04 12:29:28

    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 18:29:18

    C:\qoobox\ComboFix2.txt 2008-01-03 13:25:41

    C:\qoobox\ComboFix3.txt 2008-01-02 19:06:23

    C:\qoobox\ComboFix4.txt 2008-01-02 15:02:19

    C:\qoobox\ComboFix5.txt 2007-12-20 13:48:47

    .

    2008-01-04 13:22:12 --- E O F ---


  9. I: and J: are an external hard drive that I made using my old CPU's hard drive. It also did not run antivirus software.

    Here is the new ComboFix log:

    ComboFix 07-12-31.4 - Owner 2008-01-03 7:17:33.5 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.206 [GMT -6:00]

    Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe

    .

    ((((((((((((((((((((((((( Files Created from 2007-12-03 to 2008-01-03 )))))))))))))))))))))))))))))))

    .

    2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab

    2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\WINDOWS\LastGood

    2008-01-02 20:40 . 2008-01-02 20:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab

    2008-01-02 16:15 . 2007-12-04 06:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr

    2008-01-02 16:15 . 2007-12-04 08:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

    2008-01-02 16:15 . 2007-12-04 08:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

    2008-01-02 16:15 . 2007-12-04 08:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

    2008-01-02 16:15 . 2007-12-04 08:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

    2008-01-02 16:15 . 2007-12-04 08:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

    2008-01-02 16:14 . 2008-01-02 16:14 <DIR> d-------- C:\Program Files\Avast4

    2008-01-02 16:14 . 2007-12-04 07:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe

    2008-01-02 16:14 . 2004-01-09 03:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx

    2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe

    2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe

    2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe

    2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe

    2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe

    2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe

    2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe

    2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe

    2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

    2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe

    2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe

    2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

    2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

    2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard

    2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert

    2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2008-01-02 22:47 --------- d-----w C:\Program Files\Morpheus

    2008-01-02 21:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared

    2008-01-02 21:41 --------- d-----w C:\Program Files\Symantec

    2008-01-02 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

    2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime

    2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

    2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso

    2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer

    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

    2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll

    2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll

    2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys

    .

    ------w			84,640 2008-01-02 07:53:49  C:\Program Files\Common Files\Symantec Shared\ccApp .exe

    ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe

    + 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE

    - 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe

    + 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    + 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE

    + 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe

    - 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe

    + 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe

    - 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe

    + 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe

    - 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe

    + 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe

    - 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe

    + 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe

    - 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe

    + 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

    - 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe

    + 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

    + 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll

    + 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

    + 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll

    + 2008-01-02 23:32:58 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_4f0.dat

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "RecordNow!"="" []

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360]

    "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768]

    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208]

    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704]

    "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472]

    "PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920]

    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648]

    "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328]

    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784]

    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741]

    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896]

    "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]

    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344]

    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952]

    "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032]

    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392]

    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]

    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]

    "avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-12-04 07:00 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]

    "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk

    backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk

    backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

    2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

    AGRSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]

    2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

    rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]

    2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]

    2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

    1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

    2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

    2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]

    2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]

    C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

    2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]

    2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

    c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

    VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

    "Viewpoint Manager Service"=2 (0x2)

    "StarWindService"=2 (0x2)

    "Pml Driver HPZ12"=3 (0x3)

    "ose"=3 (0x3)

    "MDM"=2 (0x2)

    "LiveUpdate"=3 (0x3)

    "iPodService"=3 (0x3)

    "IDriverT"=3 (0x3)

    "comHost"=3 (0x3)

    "Bonjour Service"=2 (0x2)

    "Automatic LiveUpdate Scheduler"=2 (0x2)

    "Adobe LM Service"=3 (0x3)

    S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]

    \Shell\AutoRun\command - H:\setupSNK.exe

    *Newly Created Service* - AAVMKER4

    *Newly Created Service* - ASWMON2

    *Newly Created Service* - ASWRDR

    *Newly Created Service* - ASWTDI

    *Newly Created Service* - ASWUPDSV

    *Newly Created Service* - AVAST!_ANTIVIRUS

    *Newly Created Service* - AVAST!_MAIL_SCANNER

    *Newly Created Service* - AVAST!_WEB_SCANNER

    .

    Contents of the 'Scheduled Tasks' folder

    "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"

    - C:\Program Files\AdwareAlert\AdwareAlert.ex

    - C:\Program Files\AdwareAlert

    "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"

    - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected]

    .

    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-01-03 07:24:38

    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    .

    Completion time: 2008-01-03 7:25:41

    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-03 13:25:18

    C:\qoobox\ComboFix2.txt 2008-01-02 19:06:23

    C:\qoobox\ComboFix3.txt 2008-01-02 15:02:19

    C:\qoobox\ComboFix4.txt 2007-12-20 13:48:47

    C:\qoobox\ComboFix5.txt 2007-12-20 04:52:57

    .

    2008-01-03 13:20:45 --- E O F ---


  10. Here is the new hijackthis log.

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 11:58:00 PM, on 1/2/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    C:\Program Files\Avast4\aswUpdSv.exe

    C:\Program Files\Avast4\ashServ.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\Program Files\Avast4\ashMaiSv.exe

    C:\Program Files\Avast4\ashWebSv.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\ps2.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\System32\hphmon05.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\dla\tfswctrl.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    C:\WINDOWS\System32\svchost.exe

    C:\PROGRA~1\Avast4\ashDisp.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\internet explorer\iexplore.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

    O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

    O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

    O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot

    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe

    O4 - Global Startup: APC UPS Status.lnk = ?

    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

    O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab

    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

    O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab

    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609

    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab

    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab

    O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe

    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --

    End of file - 10062 bytes


  11. Here is the log from the virus scan I completed.

    -------------------------------------------------------------------------------

    KASPERSKY ONLINE SCANNER REPORT

    Wednesday, January 02, 2008 11:56:47 PM

    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

    Kaspersky Online Scanner version: 5.0.98.0

    Kaspersky Anti-Virus database last update: 3/01/2008

    Kaspersky Anti-Virus database records: 501803

    -------------------------------------------------------------------------------

    Scan Settings:

    Scan using the following antivirus database: extended

    Scan Archives: true

    Scan Mail Bases: true

    Scan Target - My Computer:

    A:\

    C:\

    D:\

    E:\

    F:\

    G:\

    I:\

    J:\

    Scan Statistics:

    Total number of scanned objects: 152088

    Number of viruses found: 19

    Number of infected objects: 922

    Number of suspicious objects: 0

    Duration of the scan process: 02:57:53

    Infected Object Name / Virus Name / Last Action

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-01-02_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\cert8.db Object is locked skipped

    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\history.dat Object is locked skipped

    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\key3.db Object is locked skipped

    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\parent.lock Object is locked skipped

    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\search.sqlite Object is locked skipped

    C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\urlclassifier2.sqlite Object is locked skipped

    C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\Owner\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

    C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_001_ Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_002_ Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_003_ Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\rkwhs3ov.default\Cache\_CACHE_MAP_ Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped

    C:\Program Files\Avast4\DATA\aswResp.dat Object is locked skipped

    C:\Program Files\Avast4\DATA\Avast4.db Object is locked skipped

    C:\Program Files\Avast4\DATA\integ\avast.int Object is locked skipped

    C:\Program Files\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

    C:\Program Files\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

    C:\Program Files\Avast4\DATA\log\nshield.log Object is locked skipped

    C:\Program Files\Avast4\DATA\report\Resident protection.txt Object is locked skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\HP\Digital Imaging\bin\backupnotify.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\Messenger\msmsgs.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\Microsoft Money\System\mnyexpr.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\Outerinfo\FF\components\FF.dll.vir Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped

    C:\qoobox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped

    C:\qoobox\Quarantine\C\Program Files\Outerinfo\OiUninstaller.exe.vir NSIS: infected - 1 skipped

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask .exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\Program Files\yvqdgbir\qdsjihqj.dll.vir Infected: Trojan-Downloader.Win32.Zlob.fof skipped

    C:\qoobox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\dla\tfswctrl.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\drvwek.dll.vir Infected: Trojan.Win32.Dialer.yz skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\hkcmd.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\hphmon05.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\igfxtray.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\mljjk.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha1.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.aa skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha2.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\njprckha\njprckha3.exe.vir Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\ps2.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX47.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX48.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\C\WINDOWS\system32\RCX4E.tmp.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped

    C:\qoobox\Quarantine\catchme2007-12-19_224531.46.zip ZIP: infected - 1 skipped

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip/rqronno.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cln skipped

    C:\qoobox\Quarantine\catchme2007-12-20_ 74213.90.zip ZIP: infected - 2 skipped

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/mljjk.dll Infected: Virus.Win32.Trats.c skipped

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/osCheck.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip/ccApp.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\qoobox\Quarantine\catchme2008-01-02_ 85714.23.zip ZIP: infected - 3 skipped

    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056956.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056959.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056961.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056963.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056964.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056965.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056966.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056967.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056968.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056969.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056970.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056971.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056976.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056980.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0056999.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057001.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057002.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057003.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057005.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057006.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057007.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057008.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057009.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057010.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057011.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057013.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP820\A0057019.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057067.dll Infected: Trojan-Downloader.Win32.Zlob.fof skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057068.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.aa skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057069.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057070.exe Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057071.dll Infected: Trojan.Win32.Dialer.yz skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057074.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057076.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057076.exe NSIS: infected - 1 skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057081.dll Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057089.dll Infected: Virus.Win32.Trats.c skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057109.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057110.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057114.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057115.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057117.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057118.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057119.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057120.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057121.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057122.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057123.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057124.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057127.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057128.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP823\A0057138.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057199.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057200.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057202.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057203.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057204.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057205.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057206.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057207.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057208.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057209.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057210.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057211.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057212.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057215.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057249.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057250.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP825\A0057251.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0057269.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cln skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058212.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058213.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058214.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058215.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058217.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058218.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058219.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058221.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058222.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058223.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058224.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058225.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058226.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058227.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058229.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP826\A0058235.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058362.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058363.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058364.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058365.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058367.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058368.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058369.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058370.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058371.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058372.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058373.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058374.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058375.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058376.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058377.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058378.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP827\A0058383.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058392.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058393.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058394.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058395.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP828\A0058396.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058419.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058420.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058421.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058422.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058423.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058425.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058426.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058427.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058428.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058429.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058430.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058431.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058432.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058433.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058434.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058438.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP829\A0058443.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058461.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058462.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058464.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058465.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058466.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058467.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058469.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058470.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058471.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058472.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058473.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058474.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058475.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058476.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058477.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058478.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058479.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058480.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058516.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058518.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058520.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058521.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058522.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058523.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058525.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058527.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058532.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058533.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058540.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058542.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058543.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058545.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058546.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058548.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058549.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058550.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058551.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058552.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058553.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058554.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058555.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058556.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058557.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058558.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058559.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058560.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058561.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058562.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP830\A0058563.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058601.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058602.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058603.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058604.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058605.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058606.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058608.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058609.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058610.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058611.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058612.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058613.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058614.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058615.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058617.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058618.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP833\A0058620.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058625.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058626.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058627.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058628.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058629.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058641.EXE Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058642.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058643.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058644.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058645.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058646.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058647.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058648.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058649.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058650.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058651.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058652.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058653.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058654.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058655.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058656.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058657.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058658.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058659.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058660.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058661.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058662.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058663.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058664.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058665.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058666.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP834\A0058671.dll Infected: Virus.Win32.Trats.c skipped

    C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP836\change.log Object is locked skipped

    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

    C:\WINDOWS\SchedLgU.Txt Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\EventCache\{C93236CA-31EC-4962-926C-F618EDDE61EC}.bin Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

    C:\WINDOWS\Sti_Trace.log Object is locked skipped

    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

    C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped

    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\default Object is locked skipped

    C:\WINDOWS\system32\config\default.LOG Object is locked skipped

    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

    C:\WINDOWS\system32\config\SAM Object is locked skipped

    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

    C:\WINDOWS\system32\config\software Object is locked skipped

    C:\WINDOWS\system32\config\software.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\system Object is locked skipped

    C:\WINDOWS\system32\config\system.LOG Object is locked skipped

    C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

    C:\WINDOWS\system32\h323log.txt Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

    C:\WINDOWS\TEMP\Perflib_Perfdata_4f0.dat Object is locked skipped

    C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped

    C:\WINDOWS\wiadebug.log Object is locked skipped

    C:\WINDOWS\wiaservc.log Object is locked skipped

    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    I:\Program Files\Trident Microsystems, Inc\Display Driver\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Trident Microsystems, Inc\trident\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Trident Microsystems, Inc\trident\lessons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Trident Microsystems, Inc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\WinRAR\Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\avs\newpicks\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\avs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\sayings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\resources\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\names\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\ValentinesDancer\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\models\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Atomic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dotorama\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\arsc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\rsc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Dream\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Art\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\Models\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\Terrain\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\wtvis\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\wt\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\CLIMAX PRESETS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\CLIMAX PALETTES\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\G-Force ColorMaps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\G-Force DeltaFields\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\G-Force Particles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\G-Force WaveShapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\G-Force\Extras\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\G-Force\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\ml\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\Plugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\AOD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Winamp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\AnalogX\Scratch\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\AnalogX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\WinZip\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\OutputFiles\no artist\no title\New Folder (2)\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\OutputFiles\no artist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\OutputFiles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\OutputFiles\unknown artist\New CD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\OutputFiles\unknown artist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\blues\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\classical\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\country\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\folk\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\jazz\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\misc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\newage\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\reggae\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\rock\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\soundtrack\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\LocalCDDB\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\cdex 130\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\motion\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Palettes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\AEFilters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\sweet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Common\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Components\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Codecs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Icons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Graphics\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Htmfiles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\Context\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\RNCompiler\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Plug-ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Settings\DV - NTSC\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Settings\DV - PAL\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\system\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Sample Folder\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Help\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Project-Archive\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\trunks.TMP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\Adobe Premiere Preview Files\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Premiere 6.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\HTML\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\WEBBUY\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\InterTrust\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\JavaScripts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\SPPlugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Optional\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\Legal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Reader\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\PFM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Resource\Font\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Resource\CMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Resource\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Help\ENU\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Acrobat 5.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Legal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Required\ImageReady Default Actions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Required\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To Graphics Editor\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Jump To HTML Editor\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\Preview In\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Helpers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Colors\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Output Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Optimized Settings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Brushes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Books\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Color Swatches\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Custom Shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Gray-Black Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\PANTONE® Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\Process Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Gray Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\PANTONE® Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\Process Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\Quadtones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Gray Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\PANTONE® Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\Process Tritones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\TRITONE\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Duotones\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Gradients\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Layouts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\Adobe ImageReady Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\PostScript Patterns\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Patterns\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Photoshop Actions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Contours\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Textures\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Blue & Gray\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Dark\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Frame\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Light\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Horizontal Patterned\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Simple\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Table - Blue\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Frame\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 1\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\Vertical Slide Show 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\WebContactSheet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\ZoomView\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Displacement Maps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\Lighting Styles\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Import-Export\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Parser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Digimarc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Automate\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Import-Export\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\File Formats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\Filters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe ImageReady Only\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Samples\ImageReady Animations\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Samples\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Help\images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\Adobe\Photoshop 7.0\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\VST\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\Wasp\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\Wasp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Generators\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity NoteBook\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Effects\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity NoteBook\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\Data\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\Images\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Wasp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\Generators\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\Fruity\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Plugins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Config\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Goodies\FLP file format\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Goodies\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Help\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Internet\About\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Internet\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Cool stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Cover songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\MIDI\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Remixes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Songwriters\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\TS404\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Covers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Misc\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Misc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\Tutorial\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Loops\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Artwork\Full\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Artwork\Wallpapers\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Artwork\Skins\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Artwork\Skins\New steps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Artwork\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Artwork\Demo\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Artwork\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\WAV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\MIDI\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\8 channels\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Acoustic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 78\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\CR 8000\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Electro\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Percussion\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\R & B\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\Techno\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 808\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\TR 909\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\Basic TS404\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\Club basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\Empty\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\Studio\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\808\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\ReBirth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumKits\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\ml_shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\Andrew\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\bass\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\drums\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Echo delay FX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\FX\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Long\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\misc synths\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Short\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\string vars\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Strings\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Synth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Andrew\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\Guitar\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Basses\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\General\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\HiHats\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\Looped\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Kicks\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Snares\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Stabs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\Voices\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Basic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\ReBirth import (LQ)\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\Vintage\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Packs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DS_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DS_Various\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\TS404 presets\Extra3\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\TS404 presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity 7 band EQ\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity delay\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity filter\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity free filter\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity reeverb\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\WASP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Plucked!\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\MIDI out\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity phaser\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity PanOMatic\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity flanger\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\Fruity wrapper\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FX presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Humanize presets\Grooves\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Humanize presets\Level\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Humanize presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SS_Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SS_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SS2_Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SS2_Extra\2.7\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SS2_Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SS2_Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SS2_Riffs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\TS404 shapes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Used by tunes\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Channel presets\BeepMap\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Channel presets\3x Osc\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\Channel presets\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumSynth\Fuzz\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumSynth\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumSynth\Various\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\DrumSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\Effects\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\Effects 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\Extra\2.7\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\Extra\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\Instruments\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\Instruments 2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\Riffs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\SimSynth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\System\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\STARTSONG\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Samples\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\3D Wheels\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Big Scope\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Dark keyboard\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Grip\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Lights\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Magnum\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\My little playlist\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Red LCD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Red White Keys\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\Wide\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins 3\Default\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins 3\New steps\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Skins 3\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Texts\html\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Texts\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Tools\BeatSlicer\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Tools\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\Trash bin\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\FruityLoops\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\igowin\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\CHANGJIE\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\PowerDVD\Skins\Crystal\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\PowerDVD\Skins\Neo\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\PowerDVD\Skins\Oscar\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\PowerDVD\Skins\Epiphany\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\PowerDVD\Skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\PowerDVD\HTML\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\Program Files\PowerDVD\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\RECYCLED\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\audio\soundforge\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\audio\ACID\songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\audio\ACID\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\audio\rebirth2\Default Songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\audio\rebirth2\Demo Songs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\audio\rebirth2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\audio\ZILLION\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\FAILSAFE.DRV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\unzipped\cdex_130\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\unzipped\cheatsheet_compiler\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\dload\sites\Main\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\dload\sites\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\dload\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe/WISE0018.BIN/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped

    I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe/WISE0018.BIN Infected: not-a-virus:AdWare.Win32.Cydoor skipped

    I:\My Documents BEE\Bee's Stuff\dload\flashget dl.exe WiseSFX: infected - 2 skipped

    I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/NHInstall.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped

    I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHUninstaller.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped

    I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHelper.dll Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped

    I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab/NHUpdater.exe Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped

    I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009/v2.0.2.cab Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped

    I:\My Documents BEE\Bee's Stuff\dload\setup.exe/data0009 Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped

    I:\My Documents BEE\Bee's Stuff\dload\setup.exe NSIS: infected - 6 skipped

    I:\My Documents BEE\Bee's Stuff\dload\B T\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\dload\PowerDVD 5.0\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\Faye's Stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\Anime\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Bee's Stuff\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\system\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\addons\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\skins\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped

    I:\My Documents BEE\sysreset\download\bm98\3am\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\housecat\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\applejuice2\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\Docs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\Image\BM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\Image\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\success\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\loverebirth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\breeze\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\download\bm98\lovesrebirth_truthmix\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\logs\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\sounds\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\sysreset\sysreset251.exe/mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped

    I:\My Documents BEE\sysreset\sysreset251.exe RAR: infected - 1 skipped

    I:\My Documents BEE\sysreset\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\news\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\music\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\culture\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\anime\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\language\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\film\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\D V D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\East\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    I:\My Documents BEE\Online UrL\BellSouth\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\DATA\EN\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\LANG\PQ\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\LANG\QR\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\LANG\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\BOM\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\ACC\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\QRIA\APPL.ZIP\INSTALL\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\QRIA\APPL.ZIP\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\QRIA\CPQS\QUICKSR\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\QRIA\CPQS\SUPPORT\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\QRIA\CPQS\TOOLS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\QRIA\CPQS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\QRIA\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\TOOLS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\PATCHES\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1512970A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1512970A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151297\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151308\B2A30\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151308\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151308\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151360\B2A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151360\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151360\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151370\B2A05\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151370\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151370\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1514160A16\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1514160A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151416\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1515520A15\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1515520A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151552\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151558\B2A12\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151558\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151558\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1515800D01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1515800D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151580\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151616\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151616\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151616\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516360A05\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516360A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151636\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516620A12\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516620A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151662\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516890A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516890A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151689\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516900A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516900A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151690\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516950A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1516950A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151695\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151697\B2A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151697\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151697\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151716\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151716\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\151716\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\155959\B2A22\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\155959\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\155959\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559920A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559920A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\155992\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559930A13\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559930A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\155993\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559940A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559940A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\155994\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156020\B2A11\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156020\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156020\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1560280A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1560280A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156028\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156029\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156029\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156029\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1561150A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1561150A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156115\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156121\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156121\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156121\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1561990A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1561990A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156199\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156208\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156208\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156208\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562090A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562090A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156209\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562110A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562110A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156211\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562130A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562130A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156213\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562140A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562140A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156214\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562220A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562220A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156222\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562230A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562230A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156223\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562240A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562240A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156224\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562250A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562250A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156225\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562260A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562260A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156226\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562310A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562310A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156231\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562500A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1562500A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156250\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156261\B2A02\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156261\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156261\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156354\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156354\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156354\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156368\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156368\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156368\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\ICONS\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559230A03\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1559230A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\155923\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1560250A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1560250A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156025\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156036\B2A13\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156036\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156036\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156045\B2A06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156045\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156045\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156080\B2A09\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156080\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156080\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1560850A07\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\1560850A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\156085\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3249380H08\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3249380H\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\324938\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3249510R18\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3249510R\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\324951\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3249990L16\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3249990L\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\324999\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3518090D06\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3518090D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\351809\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3520710D04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3520710D\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352071\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352115\B2A19\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352115\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352115\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3522000A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\3522000A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352200\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352204\B2A01\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352204\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\352204\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\400635\B2A21\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\400635\B2A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\400635\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\4006380A04\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\4006380A\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\400638\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\CPQDRV\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\RECYCLED\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    J:\msdownld.tmp\FOLDER.HTT Infected: Virus.VBS.Redlof.a skipped

    Scan process completed.


  12. Here's a new HijackThis Log...

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 2:54:55 PM, on 1/2/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\WINDOWS\system32\ps2.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\System32\hphmon05.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\dla\tfswctrl.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\WINDOWS\system32\wscntfy.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\msiexec.exe

    C:\Program Files\internet explorer\iexplore.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

    O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

    O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

    O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot

    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe

    O4 - Global Startup: APC UPS Status.lnk = ?

    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

    O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab

    O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab

    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609

    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab

    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab

    O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --

    End of file - 10375 bytes


  13. I can't run Kaspersky Online Scanner. When I go to install the ActiveX component, it says it needs to configure ccCommon and to insert the disc that has ccCommon.

    The 1st two steps I did. Here is the RenV log....

    Ran on Wed 01/02/2008 - 12:57:10.15

    ------w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe

    Entries: 1 (1)
    Directories: 0 Files: 1
    Bytes: 84,640 Blocks: 166

    Here is the Combofix log.............

    ComboFix 07-12-31.4 - Owner 2008-01-02 13:03:13.4 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.331 [GMT -6:00]

    Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe

    Command switches used :: C:\Documents and Settings\Owner\Desktop\CFScript.txt

    * Created a new restore point

    FILE

    C:\WINDOWS\system32\RCX44.tmp

    C:\WINDOWS\system32\RCX48.tmp

    C:\WINDOWS\system32\RCX4E.tmp

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    C:\WINDOWS\system32\RCX44.tmp

    C:\WINDOWS\system32\RCX48.tmp

    C:\WINDOWS\system32\RCX4E.tmp

    .

    ((((((((((((((((((((((((( Files Created from 2007-12-02 to 2008-01-02 )))))))))))))))))))))))))))))))

    .

    2008-01-02 12:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe

    2008-01-02 12:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe

    2008-01-02 12:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd.exe

    2008-01-02 12:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2.exe

    2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe

    2007-12-20 08:58 . 2007-05-29 13:55 22,112 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys

    2007-12-20 08:58 . 2007-05-29 13:55 10,592 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat

    2007-12-20 08:58 . 2007-05-29 13:55 705 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf

    2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe

    2007-12-19 22:47 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe

    2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe

    2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

    2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe

    2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe

    2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

    2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

    2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard

    2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert

    2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2008-01-02 14:55 --------- d-----w C:\Program Files\Norton Internet Security

    2008-01-02 14:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared

    2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime

    2007-12-20 14:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

    2007-12-20 14:56 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF

    2007-12-20 14:56 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

    2007-12-20 14:56 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS

    2007-12-20 14:56 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT

    2007-12-20 14:56 --------- d-----w C:\Program Files\Symantec

    2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

    2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso

    2007-12-01 05:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys

    2007-12-01 05:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys

    2007-12-01 05:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys

    2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat

    2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat

    2007-12-01 05:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat

    2007-12-01 05:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf

    2007-12-01 05:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf

    2007-12-01 05:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf

    2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer

    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

    2007-10-31 01:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll

    2007-10-31 01:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll

    2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll

    2007-10-27 23:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll

    2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys

    .

    ------w			84,640 2008-01-02 07:53:49  C:\Program Files\Common Files\Symantec Shared\ccApp .exe

    ((((((((((((((((((((((((((((( snapshot_2008-01-02_ 9.01.43.43 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2004-08-04 03:32:00 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\imjpmig.exe

    + 2007-12-20 13:14:23 208,952 ----a-w C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE

    - 2002-08-29 12:00:00 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\imekrmig.exe

    + 2007-12-20 13:14:27 44,032 ----a-w C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    + 2008-01-02 07:53:21 233,472 ----a-w C:\WINDOWS\SMINST\RECGUARD.EXE

    + 2008-01-02 07:53:56 114,741 ----a-w C:\WINDOWS\system32\dla\tfswctrl.exe

    - 2002-08-29 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe

    + 2007-12-20 13:14:27 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe

    - 2004-08-04 03:32:00 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe

    + 2007-12-20 13:14:23 208,952 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe

    - 2004-08-04 03:31:50 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe

    + 2007-12-20 13:14:26 59,392 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe

    - 2004-08-04 03:32:16 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe

    + 2007-12-20 13:14:31 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe

    - 2004-08-04 03:31:50 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe

    + 2007-12-20 13:14:26 59,392 ----a-w C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

    - 2004-08-04 03:32:16 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe

    + 2007-12-20 13:14:31 455,168 ----a-w C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "RecordNow!"="" []

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-20 07:14 15360]

    "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2008-01-02 01:54 32768]

    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-01-02 01:54 1694208]

    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2008-01-02 01:54 200704]

    "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2008-01-02 01:53 233472]

    "PS2"="C:\WINDOWS\system32\ps2.exe" [2008-01-02 01:53 81920]

    "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [ ]

    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-01-02 01:53 155648]

    "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2008-01-02 01:53 483328]

    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-01-02 01:53 118784]

    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2008-01-02 01:53 114741]

    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [ ]

    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-02 01:53 185896]

    "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]

    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-01-02 01:54 57344]

    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2007-12-20 07:14 208952]

    "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2007-12-20 07:14 44032]

    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-12-20 07:14 59392]

    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]

    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2007-12-20 07:14 455168]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]

    "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk

    backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk

    backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

    2008-01-02 01:54 57344 --a------ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

    AGRSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]

    2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

    rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]

    2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]

    2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

    1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

    2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

    2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]

    2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]

    C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

    2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]

    2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

    c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

    VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

    "Viewpoint Manager Service"=2 (0x2)

    "StarWindService"=2 (0x2)

    "Pml Driver HPZ12"=3 (0x3)

    "ose"=3 (0x3)

    "MDM"=2 (0x2)

    "LiveUpdate"=3 (0x3)

    "iPodService"=3 (0x3)

    "IDriverT"=3 (0x3)

    "comHost"=3 (0x3)

    "Bonjour Service"=2 (0x2)

    "Automatic LiveUpdate Scheduler"=2 (0x2)

    "Adobe LM Service"=3 (0x3)

    R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]

    \Shell\AutoRun\command - H:\setupSNK.exe

    *Newly Created Service* - COMHOST

    .

    Contents of the 'Scheduled Tasks' folder

    "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"

    - C:\Program Files\AdwareAlert\AdwareAlert.ex

    - C:\Program Files\AdwareAlert

    "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"

    - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected]

    "2007-12-15 02:01:35 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Owner.job"

    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK:

    .

    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-01-02 13:05:19

    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    .

    Completion time: 2008-01-02 13:06:22

    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 19:06:00

    C:\qoobox\ComboFix2.txt 2008-01-02 15:02:19

    C:\qoobox\ComboFix3.txt 2007-12-20 13:48:47

    C:\qoobox\ComboFix4.txt 2007-12-20 04:52:57

    .

    2008-01-02 14:35:19 --- E O F ---


  14. And here's the other one.

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 9:03:39 AM, on 1/2/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\WINDOWS\system32\msiexec.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\wscntfy.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    C:\WINDOWS\system32\notepad.exe

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

    O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

    O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

    O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot

    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe

    O4 - Global Startup: APC UPS Status.lnk = ?

    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

    O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

    O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab

    O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab

    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609

    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab

    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab

    O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --

    End of file - 10057 bytes


  15. OK. Here's one.

    ComboFix 07-12-31.4 - Owner 2008-01-02 8:45:18.3 - NTFSx86

    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.387 [GMT -6:00]

    Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe

    * Created a new restore point

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3 .exe

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe

    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Common Files\Symantec Shared\ccApp.exe

    C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\Program Files\Microsoft Money\System\mnyexpr.exe

    C:\Program Files\Norton Internet Security\osCheck.exe

    C:\Program Files\QuickTime\qttask .exe

    C:\Program Files\QuickTime\qttask .exe

    C:\Program Files\QuickTime\qttask .exe

    C:\Program Files\QuickTime\qttask .exe

    C:\Program Files\QuickTime\qttask .exe

    C:\Program Files\QuickTime\qttask .exe

    C:\Program Files\QuickTime\qttask.exe

    C:\WINDOWS\SMINST\RECGUARD.EXE

    C:\WINDOWS\system32\ctfmon.exe.tmp

    C:\WINDOWS\system32\dla\tfswctrl.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\hphmon05.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\kjjlm.ini

    C:\WINDOWS\system32\kjjlm.ini2

    C:\WINDOWS\system32\mljjk.dll

    C:\WINDOWS\system32\mljjk.exe

    C:\WINDOWS\system32\ps2.exe

    .

    ((((((((((((((((((((((((( Files Created from 2007-12-02 to 2008-01-02 )))))))))))))))))))))))))))))))

    .

    2008-01-02 08:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe

    2008-01-02 01:36 . 2008-01-02 01:37 335,360 --a------ C:\WINDOWS\system32\RCX4E.tmp

    2007-12-20 08:58 . 2007-05-29 13:55 22,112 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys

    2007-12-20 08:58 . 2007-05-29 13:55 10,592 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat

    2007-12-20 08:58 . 2007-05-29 13:55 705 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf

    2007-12-20 07:14 . 2007-12-20 07:14 335,360 --a------ C:\WINDOWS\system32\RCX48.tmp

    2007-12-19 22:47 . 2004-08-03 23:56 15,360 --a--c--- C:\WINDOWS\system32\dllcache\ctfmon.exe

    2007-12-19 22:47 . 2004-08-03 23:56 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe

    2007-12-19 22:26 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe

    2007-12-19 22:26 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

    2007-12-19 22:26 . 2007-12-19 22:57 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe

    2007-12-19 22:26 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe

    2007-12-19 22:26 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

    2007-12-19 22:26 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Program Files\Lavasoft

    2007-12-19 16:13 . 2007-12-19 16:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

    2007-12-19 16:12 . 2007-12-19 16:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard

    2007-12-19 15:53 . 2007-12-19 15:54 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AdwareAlert

    2007-12-19 15:20 . 2007-12-19 15:20 <DIR> d-------- C:\Program Files\Trend Micro

    2007-12-19 14:58 . 2007-12-20 07:14 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe

    2007-12-19 14:57 . 2008-01-02 01:53 483,328 --a------ C:\WINDOWS\system32\hphmon05 .exe

    2007-12-19 14:57 . 2007-12-19 14:57 335,360 --a------ C:\WINDOWS\system32\RCX44.tmp

    2007-12-19 14:57 . 2008-01-02 01:53 155,648 --a------ C:\WINDOWS\system32\igfxtray .exe

    2007-12-19 14:57 . 2008-01-02 01:53 118,784 --a------ C:\WINDOWS\system32\hkcmd .exe

    2007-12-19 14:57 . 2008-01-02 01:53 81,920 --a------ C:\WINDOWS\system32\ps2 .exe

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2008-01-02 14:55 --------- d-----w C:\Program Files\Norton Internet Security

    2008-01-02 14:55 --------- d-----w C:\Program Files\Common Files\Symantec Shared

    2008-01-02 14:51 --------- d-----w C:\Program Files\QuickTime

    2007-12-20 14:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

    2007-12-20 14:56 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF

    2007-12-20 14:56 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS

    2007-12-20 14:56 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT

    2007-12-20 14:56 --------- d-----w C:\Program Files\Symantec

    2007-12-19 20:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

    2007-12-16 17:07 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso

    2007-12-01 05:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys

    2007-12-01 05:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys

    2007-12-01 05:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys

    2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat

    2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat

    2007-12-01 05:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat

    2007-12-01 05:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf

    2007-12-01 05:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf

    2007-12-01 05:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf

    2007-11-26 01:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer

    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

    2007-09-01 12:55 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys

    .

    ----a-w			57,344 2008-01-02 07:54:05  C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe
    ----a-w 185,896 2008-01-02 07:53:56 C:\Program Files\Common Files\Real\Update_OB\realsched .exe
    ----a-w 84,640 2008-01-02 07:53:49 C:\Program Files\Common Files\Symantec Shared\ccApp .exe
    ----a-w 32,768 2008-01-02 07:54:21 C:\Program Files\HP\Digital Imaging\bin\backupnotify .exe
    ----a-w 1,694,208 2008-01-02 07:54:43 C:\Program Files\Messenger\msmsgs .exe
    ----a-w 200,704 2008-01-02 07:54:37 C:\Program Files\Microsoft Money\System\mnyexpr .exe
    ----a-w 208,952 2007-12-20 13:14:23 C:\WINDOWS\ime\imjp8_1\IMJPMIG .EXE
    ----a-w 44,032 2007-12-20 13:14:27 C:\WINDOWS\ime\imkr6_1\IMEKRMIG .EXE
    ----a-w 233,472 2008-01-02 07:53:21 C:\WINDOWS\SMINST\RECGUARD .EXE
    ----a-w 15,360 2007-12-20 13:14:38 C:\WINDOWS\system32\ctfmon .exe
    ----a-w 118,784 2008-01-02 07:53:40 C:\WINDOWS\system32\hkcmd .exe
    ----a-w 483,328 2008-01-02 07:53:35 C:\WINDOWS\system32\hphmon05 .exe
    ----a-w 155,648 2008-01-02 07:53:31 C:\WINDOWS\system32\igfxtray .exe
    ----a-w 81,920 2008-01-02 07:53:26 C:\WINDOWS\system32\ps2 .exe
    ----a-w 114,741 2008-01-02 07:53:56 C:\WINDOWS\system32\dla\tfswctrl .exe
    ----a-w 59,392 2007-12-20 13:14:26 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst .exe
    ----a-w 455,168 2007-12-20 13:14:31 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP .EXE

    ((((((((((((((((((((((((((((( [email protected]_22.51.08.62 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2007-03-13 16:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE

    + 2000-08-31 14:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE

    - 2006-09-02 19:34:34 11,968 ----a-w C:\WINDOWS\system32\drivers\symdns.sys

    + 2007-10-31 01:55:14 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys

    - 2006-09-02 19:34:42 144,832 ----a-w C:\WINDOWS\system32\drivers\symfw.sys

    + 2007-10-31 01:55:20 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys

    - 2006-09-02 19:34:50 39,104 ----a-w C:\WINDOWS\system32\drivers\symids.sys

    + 2007-10-31 01:55:28 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys

    - 2006-09-02 19:34:46 33,216 ----a-w C:\WINDOWS\system32\drivers\symndis.sys

    + 2007-10-31 01:55:24 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys

    - 2006-09-02 19:35:06 36,032 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys

    + 2007-10-31 01:55:44 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys

    - 2006-09-02 19:34:56 26,432 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys

    + 2007-10-31 01:55:34 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys

    - 2006-09-02 19:35:00 186,048 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys

    + 2007-10-31 01:55:38 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys

    - 2007-09-17 22:39:52 48,776 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

    + 2007-12-20 14:56:17 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

    - 2007-12-14 03:26:50 156,160 ----a-w C:\WINDOWS\system32\swreg.exe

    + 2000-08-31 14:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe

    - 2006-09-02 19:35:16 613,056 ----a-w C:\WINDOWS\system32\SymNeti.dll

    + 2007-10-31 01:55:50 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll

    - 2006-09-02 19:35:10 239,808 ----a-w C:\WINDOWS\system32\SymRedir.dll

    + 2007-10-31 01:55:48 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll

    .

    -- Snapshot reset to current date --

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "RecordNow!"="" []

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

    "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [ ]

    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]

    "MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [ ]

    "AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [ ]

    "PS2"="C:\WINDOWS\system32\ps2.exe" [ ]

    "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [ ]

    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [ ]

    "HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [ ]

    "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [ ]

    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [ ]

    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [ ]

    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [ ]

    "QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]

    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [ ]

    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-03 21:32 208952]

    "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2002-08-29 06:00 44032]

    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 21:31 59392]

    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168]

    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2006-09-02 17:36 100032]

    "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk

    backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk

    backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]

    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk

    backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

    AGRSMMSG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]

    2004-08-16 16:45 45056 --a------ C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

    rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus XtremeG]

    2004-09-22 13:08 987136 --a------ C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]

    2003-08-21 05:23 49152 --a------ c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

    1998-05-07 18:04 52736 --a------ c:\windows\system\hpsysdrv.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    2005-06-24 14:16 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

    2003-02-11 21:02 61440 --a------ C:\HP\KBD\KBD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

    2005-05-28 21:48 155648 --------- C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]

    2005-04-02 22:08 98304 --a------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]

    C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

    2006-11-09 15:07 49263 --a------ C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]

    2003-03-31 19:28 155648 --a------ C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

    c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

    VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

    "Viewpoint Manager Service"=2 (0x2)

    "StarWindService"=2 (0x2)

    "Pml Driver HPZ12"=3 (0x3)

    "ose"=3 (0x3)

    "MDM"=2 (0x2)

    "LiveUpdate"=3 (0x3)

    "iPodService"=3 (0x3)

    "IDriverT"=3 (0x3)

    "comHost"=3 (0x3)

    "Bonjour Service"=2 (0x2)

    "Automatic LiveUpdate Scheduler"=2 (0x2)

    "Adobe LM Service"=3 (0x3)

    R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-09-02 21:01]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f31d8fe-21d6-11d9-928a-000c76ff2271}]

    \Shell\AutoRun\command - H:\setupSNK.exe

    *Newly Created Service* - COMHOST

    .

    Contents of the 'Scheduled Tasks' folder

    "2007-12-19 21:53:35 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job"

    - C:\Program Files\AdwareAlert\AdwareAlert.ex

    - C:\Program Files\AdwareAlert

    "2007-12-06 23:50:01 C:\WINDOWS\Tasks\EasyShare Registration Task.job"

    - C:\WINDOWS\system32\rundll32.exelC:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt [email protected]

    "2007-12-15 02:01:35 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Owner.job"

    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK:

    .

    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-01-02 08:57:41

    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    .

    Completion time: 2008-01-02 9:02:19 - machine was rebooted

    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 15:02:14

    C:\qoobox\ComboFix2.txt 2007-12-20 13:48:47

    C:\qoobox\ComboFix3.txt 2007-12-20 04:52:57

    .

    2008-01-02 14:35:19 --- E O F ---


  16. OK. Thanks for your patience. Here's the new log:

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 1:59:35 AM, on 1/2/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\WINDOWS\system32\ps2 .exe

    C:\WINDOWS\system32\igfxtray .exe

    C:\WINDOWS\System32\hphmon05 .exe

    C:\WINDOWS\system32\hkcmd .exe

    C:\Program Files\Common Files\Symantec Shared\ccApp .exe

    C:\Program Files\Common Files\Real\Update_OB\realsched .exe

    C:\WINDOWS\system32\dla\tfswctrl .exe

    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

    F3 - REG:win.ini: load=C:\WINDOWS\system32\mljjk.exe

    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime

    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

    O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

    O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

    O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot

    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe

    O4 - Startup: PowerReg Scheduler V3 .exe

    O4 - Startup: PowerReg Scheduler V3 .exe

    O4 - Startup: PowerReg Scheduler V3 .exe

    O4 - Startup: PowerReg Scheduler V3 .exe

    O4 - Startup: PowerReg Scheduler V3 .exe

    O4 - Startup: PowerReg Scheduler V3 .exe

    O4 - Startup: PowerReg Scheduler V3 .exe

    O4 - Startup: PowerReg Scheduler V3.exe

    O4 - Global Startup: APC UPS Status.lnk = ?

    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

    O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin\core.hp.main\SendTo.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) - https://password.bellsouth.net/sdccommon/do...oad/tgctlsr.cab

    O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applicatio...torLauncher.cab

    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1174224923609

    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab

    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab

    O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --

    End of file - 10427 bytes


  17. Hi,

    Open Hijack This and place a tick next to this item:

    F3 - REG:win.ini: load=C:\WINDOWS\system32\mljjk.exe

    Reboot into Safe Mode and delete this file:

    C:\WINDOWS\system32\mljjk.exe

    Reboot as you normally would, and post another Hijack This log in a reply here.

    :)

    I am now away from my home for the holidays. I will return to my computer in a week. When I get back, I will follow these steps. Don't forget about me, OK! ;)

    P.S.

    what's a "tick"?