Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

hijacked and virus gold hijacked I need Help


  • This topic is locked This topic is locked
20 replies to this topic

#1 d_stacy1

d_stacy1

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 15 July 2005 - 10:58 AM

SOMEONE PLEASE HELP ME!!!!!!!! I am a novice with internal computer things and I don't want my pc to become disabled to the point I can't use it anymore. I just need someone to walk me through cleaning this stuff out. I have tried many fixes I have seen on your site here but nothing so far has worked. I have run every clean up program I could find on these pages including adadware, spy bot, ewido, cw sredder and more!!!! Following is my hijack this log. I have anti-virus gold as my desk top and can't rid myself of it and I also have about blank with pop ups.

Please help!!!!!!!
Thank you very much for your help and thank you for what you do here it is very important to people like me that do not know pc's.

Logfile of HijackThis v1.99.1
Scan saved at 11:54:04 AM, on 7/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ontrack\Internet Cleanup\icserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\winju32.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Dennis Stacy\My Documents\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {FF9849CC-6C90-6CAB-B092-7A873652819D} - C:\WINDOWS\ntmx.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [winju32.exe] C:\WINDOWS\system32\winju32.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\RunOnce: [apigb.exe] C:\WINDOWS\system32\apigb.exe
O4 - HKLM\..\RunOnce: [d3vy32.exe] C:\WINDOWS\d3vy32.exe
O4 - HKLM\..\RunOnce: [sdkox.exe] C:\WINDOWS\system32\sdkox.exe
O4 - HKLM\..\RunOnce: [atltz32.exe] C:\WINDOWS\system32\atltz32.exe
O4 - HKLM\..\RunOnce: [ntyz32.exe] C:\WINDOWS\system32\ntyz32.exe
O4 - HKLM\..\RunOnce: [nthf.exe] C:\WINDOWS\system32\nthf.exe
O4 - HKLM\..\RunOnce: [mfcsw.exe] C:\WINDOWS\mfcsw.exe
O4 - HKLM\..\RunOnce: [sysmk.exe] C:\WINDOWS\sysmk.exe
O4 - HKLM\..\RunOnce: [winfe32.exe] C:\WINDOWS\system32\winfe32.exe
O4 - HKLM\..\RunOnce: [ieps.exe] C:\WINDOWS\ieps.exe
O4 - HKLM\..\RunOnce: [crxj32.exe] C:\WINDOWS\system32\crxj32.exe
O4 - HKLM\..\RunOnce: [Pest Cleaning] "C:\Program Files\Yahoo!\YPSR\ppclean.exe" "clean" "smartfinder" "2"
O4 - HKLM\..\RunOnce: [ieho.exe] C:\WINDOWS\ieho.exe
O4 - HKLM\..\RunOnce: [ipfs.exe] C:\WINDOWS\ipfs.exe
O4 - HKLM\..\RunOnce: [msbe32.exe] C:\WINDOWS\msbe32.exe
O4 - HKLM\..\RunOnce: [ipzq32.exe] C:\WINDOWS\ipzq32.exe
O4 - HKLM\..\RunOnce: [d3to32.exe] C:\WINDOWS\system32\d3to32.exe
O4 - HKLM\..\RunOnce: [iexp.exe] C:\WINDOWS\system32\iexp.exe
O4 - HKLM\..\RunOnce: [winfs32.exe] C:\WINDOWS\winfs32.exe
O4 - HKLM\..\RunOnce: [syssy.exe] C:\WINDOWS\syssy.exe
O4 - HKLM\..\RunOnce: [sdkro32.exe] C:\WINDOWS\sdkro32.exe
O4 - HKLM\..\RunOnce: [apiql.exe] C:\WINDOWS\apiql.exe
O4 - HKLM\..\RunOnce: [crno32.exe] C:\WINDOWS\system32\crno32.exe
O4 - HKLM\..\RunOnce: [sdkxp.exe] C:\WINDOWS\system32\sdkxp.exe
O4 - HKLM\..\RunOnce: [addua32.exe] C:\WINDOWS\addua32.exe
O4 - HKLM\..\RunOnce: [winxj32.exe] C:\WINDOWS\system32\winxj32.exe
O4 - HKLM\..\RunOnce: [winsb.exe] C:\WINDOWS\winsb.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Intel system tool] C:\WINDOWS\system32\hookdump.exe
O4 - Startup: Camio Viewer 3.2.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
O4 - Startup: Cleanup.lnk = C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120023640656
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{119E7F82-5370-43DC-9482-178FA441041C}: NameServer = 216.163.96.9 216.163.120.19
O17 - HKLM\System\CS1\Services\Tcpip\..\{119E7F82-5370-43DC-9482-178FA441041C}: NameServer = 216.163.96.9 216.163.120.19
O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\apigb.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: icservice - ONTRACK Data International, Inc. - C:\Program Files\Ontrack\Internet Cleanup\icserv.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Edited by d_stacy1, 16 July 2005 - 09:42 AM.

(Single) - Dennis in Florida

BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:06:05 PM

Posted 16 July 2005 - 03:50 PM

Hello,

It's better to print out the next instructions or save them in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then.
It is also important you don't miss a step and perform everything in the right order!!

Download smitRem.zip and save the file to your desktop.
Right click on the file and extract it to it's own folder on the desktop.

First of all, I want you to download and install another browser, because for the moment I strongly suggest NOT to use Internet Explorer, because everytime you open it, new malware is getting downloaded.
So, I want you to use Firefox instead to browse the web.
When your system is clean again, you can use your IE again.
Here you can find firefox to download: http://www.mozilla.org/products/firefox/

We also need to disable your Microsoft AntiSpyware Real-time Protection as it may interfere with the fixes.

Open Microsoft AntiSpyware.
Click on Tools, Settings.
In the left pane, click on Real-time Protection.
Under Startup Options uncheck: Enable the Microsoft AntiSpyware Security Agents on startup (recommended).
Under Real-time spyware threat protection uncheck: Enable real-time spyware threat protection (recommended).
After you uncheck these, click on the Save button and close Microsoft AntiSpyware.
Right click on the Microsoft AntiSpyware icon on the taskbar and select Shutdown Microsoft AntiSpyware.

°Download AboutBuster.
Unzip AboutBuster in an own folder such as C:\AboutBuster.
Start AboutBuster.exe. Click OK, Update, Check For Update and download the updates if present.
Close aboutbuster now, because you may not run it yet, that's for later.
If You are getting an error when updating, please let me know first before you proceed with the next steps.

* Download CWShredder. Don't let it run yet!

* Download this regfix: HSfix
Unzip it and place it on your desktop, don't use it yet!

Place a shortcut to Panda ActiveScan on your desktop.

Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/

Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!

open notepad and copy and paste next bold in it:
(do not forget to copy and paste REGEDIT4 in it!)

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]


Save this as fix.reg , choose to save as *all files and place it on your desktop.

Next, please reboot your computer in SafeMode by doing the following:
[*]Restart your computer
[*]After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
[*]Instead of Windows loading as normal, a menu should appear
[*]Select the first option, to run Windows in Safe Mode.


Doubleclick on fix.reg you made before and when it asks you if you want to add the contents to the registry, click yes/ok

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ivnaq.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {FF9849CC-6C90-6CAB-B092-7A873652819D} - C:\WINDOWS\ntmx.dll
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [winju32.exe] C:\WINDOWS\system32\winju32.exe
O4 - HKCU\..\Run: [Intel system tool] C:\WINDOWS\system32\hookdump.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\apigb.exe


* Click on Fix Checked when finished and exit HijackThis.

*Start Aboutbuster and let it scan. When the scan is done and you choose exit, it will automatically create a log in the same folder where aboutbuster is in.

*Start Cwshredder and click FIX

* Doubleclick on HSfix you downloaded earlier before which is present on your desktop and when it asks you if you want to add the contents to the registry, click yes/ok

Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.


Open Ad-aware and do a full scan. Remove all it finds.


Now open Ewido Security Suite
Click on scanner

* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop

If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.

Close Ewido

Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan. Make sure the autoclean box is checked!
Save the scan log and post it along with a new HijackThis Log, the log smitfiles.txt (which you will find on your C:\) and the Ewido Log by using Add Reply.
Let us know if any problems persist.

It could be possible, after reboot that your system is using the windows classic theme again.
To restore this and set it back to XP-theme, rightclick on your desktop > properties > tab Appearances and choose Windows XP style again under windows and buttons.
Click apply and OK.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 16 July 2005 - 05:26 PM

I am already having difficulty with your instuctions. I copied regedit4 to notepad as you asked but when I reboot to safe mode and open it it does not ask if I want to add it to my register?? What should I do next????

Thank you so very much for your help.
(Single) - Dennis in Florida

#4 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:06:05 PM

Posted 16 July 2005 - 05:35 PM

Hello.. you need to copy the entire thing in notepad.
I'll put it in a field for you:

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

This is how it must look afterwards on your desktop:
Posted Image

Make sure you copy and paste it in notepad and not in wordpad or whatever.
Also, make sure you save it as fix.reg , choose to save as *all files and place it on your desktop.
When you doubleclick on fix.reg, or rightclick on it and choose 'merge', it will ask you if you want to merge it to the registry.

I hope you're not posting here from safe mode, because you are supposed to choose safe mode without networking support! :thumbsup:

Edited by miekiemoes, 16 July 2005 - 05:37 PM.

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 16 July 2005 - 09:52 PM

Hello again miekiemoes, or who ever else may help,

I have gotten back my desk top and everything seems normal excapt my homepage wants to open automatically and connect to the internet when I log onto my pc. This was one of the original problems that kept showing about blank. I am posting the logs I was able to get, but the log for smitrem.zip I can't figure out how to get. I can't figure out how to get that one to my desk top.

Please look at these and tell me what's next. I can't tell you how much I appreciate your help.




Scan saved at 10:36:34 PM, on 7/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Ontrack\Internet Cleanup\icserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Dennis Stacy\My Documents\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: Camio Viewer 3.2.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
O4 - Startup: Cleanup.lnk = C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120023640656
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{119E7F82-5370-43DC-9482-178FA441041C}: NameServer = 216.163.96.9 216.163.120.19
O17 - HKLM\System\CS1\Services\Tcpip\..\{119E7F82-5370-43DC-9482-178FA441041C}: NameServer = 216.163.96.9 216.163.120.19
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: icservice - ONTRACK Data International, Inc. - C:\Program Files\Ontrack\Internet Cleanup\icserv.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

ncident Status Location

Adware:adware/antivirus-gold No disinfected C:\DOCUMENTS AND SETTINGS\DENNIS STACY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\AntivirusGold 2.0.lnk
Adware:Adware/Antivirus-gold No disinfected C:\Documents and Settings\Dennis Stacy\Local Settings\Temp\cbfm.exe



ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 8:19:14 PM, 7/16/2005
+ Report-Checksum: E1003CD9

+ Scan result:

C:\WINDOWS\_default.pif:ujxqq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:uktvb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:ulqsn -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:umifn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:umiuz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:umuck -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:unooq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:unpxd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:utsvl -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:uukwl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:uwogg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:uydkbo -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:uylev -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:uzdnd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:vedyh -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:vfqio -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:vgwdt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:vinkj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:vmbzx -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:vonky -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:voqlep -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:vtsww -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:vugmzt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:vybyn -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:vygtz -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:vygtzt -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:waovl -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:wjdup -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:wjgqp -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:wkmsl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:wlokqw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:wmerl -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:wnajz -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:woikp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:wpnhb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:wswwrs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:wuizk -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:wyqzi -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:wzfac -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:xasuq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:xdftv -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:xfquj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:xjjaj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:xjtaa -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:xmhph -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:xmuzt -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:xobrxz -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\_default.pif:xonyb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:xxjxk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:xycyi -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:xzyuu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:yanes -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:ycqmx -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:yebgb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:yfzxoh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:yhqbb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:yjrpy -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:yowxo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:yumxxb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ywyam -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:zbgeb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:zcukb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:zeedy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:zgawam -> TrojanDownloader.Agent.bq : Cleaned with backup


::Report End

Thank you very much again.

Edited by d_stacy1, 16 July 2005 - 09:53 PM.

(Single) - Dennis in Florida

#6 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 17 July 2005 - 01:30 AM

I dedided to run the process you gave me one more time to ensure I did everything the right way and found some more problems. I am posting new logs from this second run. Things seem to working much better on my pc now and it seems to be running much faster. Please let me know if there is anything else I need to do to ensure everyting is cleaned out.




Logfile of HijackThis v1.99.1
Scan saved at 2:41:44 AM, on 7/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Ontrack\Internet Cleanup\icserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dennis Stacy\My Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: Camio Viewer 3.2.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
O4 - Startup: Cleanup.lnk = C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120023640656
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{119E7F82-5370-43DC-9482-178FA441041C}: NameServer = 216.163.96.9 216.163.120.19
O17 - HKLM\System\CS1\Services\Tcpip\..\{119E7F82-5370-43DC-9482-178FA441041C}: NameServer = 216.163.96.9 216.163.120.19
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: icservice - ONTRACK Data International, Inc. - C:\Program Files\Ontrack\Internet Cleanup\icserv.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe



---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 1:36:10 AM, 7/17/2005
+ Report-Checksum: DF920EF9

+ Scan result:

C:\WINDOWS\_default.pif:zgout -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:zgzlp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:zlkuza -> Spyware.SearchPage : Cleaned with backup
C:\WINDOWS\_default.pif:zpgee -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:zpkau -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:zpmfe -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:zriwvs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:zusqv -> TrojanDownloader.Agent.bc : Cleaned with backup


::Report End


Incident Status Location

Adware:adware/antivirus-gold No disinfected C:\DOCUMENTS AND SETTINGS\DENNIS STACY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\AntivirusGold 2.0.lnk


Again Thank you so very much for all of your valuable time and assistance, it truely is appreciated.





:thumbsup: :flowers:

Edited by d_stacy1, 17 July 2005 - 01:47 AM.

(Single) - Dennis in Florida

#7 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:06:05 PM

Posted 17 July 2005 - 01:55 AM

Hello,

You can find the smitfiles.txt on your C:\ :thumbsup:

We really made some improvements.. well done!!

The reason why your Internet explorer opens after you start up is because you forgot to check and fix next in your hijackthislog:

O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe

So check and fix this again.

Also, run Ccleaner one time. (click Run Cleaner)

Browse to next file and delete it:

C:\DOCUMENTS AND SETTINGS\DENNIS STACY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\AntivirusGold 2.0.lnk

You say you are still seeing about:blank when opening IE. Well, I think you see a blank page, which is ok.
Go to start>Control Panel>Internet Options>tab programs> and click restore websettings.

It could be possible that Microsoft antispyware gives an alert on that and wants to block it. Please don't let microsoft antispyware bock that, but allow it.. because when you click restore websettings, those are the changes you perform yourself, but microsoft antispyware will probably see it as a bad attempt.

* Download: Hoster
Unzip hoster to an own folder, eg C:\Hoster
Start Hoster.exe,
Most probably you'll get the message that hosts doesn't exist and if you want to create one. Click yes.
If you don't get that message: click 'Restore Original Hosts' and click OK.

It could be possible that this hijacker deleted some files, so check if the following are still present:

°Control.exe: Is in your C:\WINDOWS\system32. Download here when missing.

°Shell.dll: C:\WINDOWS\SYSTEM32 Download here when missing

°SDHelper.dll:
If you are using Spybot Search & Destroy, this hijacker can also delete SDHelper.dll.
Download SDHelper.dll.
Place the file in the Spybot Search & Destroy-folder. Most probably, this ist C:\Program Files\Spybot - Search & Destroy

Perform a full scan with an updated Adaware SE and/or Spybot S&D to get rid of the leftovers.
If you don't have those programs yet, you can find the downloadlocations in my sig.

Reboot once again and tell me how things are running. :flowers:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#8 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 17 July 2005 - 02:10 AM

I can not find 04 - HKLM when I do the hijack scan. Also after the second go around I am not getting the about blank anymore everything seems to be functioning normally. I do need to know what Ccleaner is and what you mean by browse to next file and delete the c:/ file documents file you are showing.

Thanks again!
(Single) - Dennis in Florida

#9 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:06:05 PM

Posted 17 July 2005 - 02:25 AM

Ccleaner is a tool that deletes unnecessary stuff from your system... It's a bit like the Ontrack - Internet Cleanup you are having, but has more options.
Check the site yourself for more info:

http://www.ccleaner.com/

With browsing to a file, I mean in here.. go to your C:\Documents and settings-folder, open dennis stacy-folder that's present there, open application data-folder, open microsoft folder, open internet explorer folder, open quick launch-folder and delete AntivirusGold 2.0.lnk

C:\DOCUMENTS AND SETTINGS\DENNIS STACY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\AntivirusGold 2.0.lnk

It could be possible you wont find those folders, but that's because they are hidden. To reveal them, perform next:

* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Uncheck the Hide file extensions for known file types.
* Click Yes to confirm.
* Click OK.

Afterwards, you can make those folders and files hidden again.

To keep this clean in the future, I would suggest the following things:

Install Spywareblaster
SpywareBlaster doesn`t scan and clean for so-called spyware, but prevents it from being installed in the first place. It blocks the popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage.

Avoid illegal sites, because that's where most malware is present.

Let your antispywarescanner(s) scan frequently and don't forget to update before.

And I do suggest you perform an online virusscan once in a while. (Kaspersky online and/or Bitdefender). Because what one virusscanner can't find another one maybe can.
Also make sure that your virusscanner, the one that is installed on your system is always up to date!

Make sure your windows has the latest updates: http://windowsupdate.microsoft.com/

More info on how to prevent malware you can also find here (By Tony Klein)

Happy surfing again! :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#10 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 17 July 2005 - 04:18 PM

All is done and the pc is running like new. I could say it a thousand times, but you will never know how much I appreciate all the assistance. Thank you, thank you, thank you!!!!!! :

:thumbsup: :flowers:

Edited by d_stacy1, 17 July 2005 - 04:21 PM.

(Single) - Dennis in Florida

#11 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:06:05 PM

Posted 17 July 2005 - 04:21 PM

Glad I could help you... and thx for your PM, I'll reply asap as I'm finished with my 'round' fixing logs. :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#12 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 17 July 2005 - 08:07 PM

I seem to have run into another issue after following your instructions. I downloaded bitdefender nad it discovered some virus problems. It shows deleting numerious files. I am attempting to post the report following this. Can you tell me if this will effect the operation of my pc at all. I don't know what these files are for.

Thanks again


[size=1]itDefender Online Scanner

Scan report generated at: Sun, Jul 17, 2005 - 20:53:49


Scan path: A:\;C:\;D:\;E:\;


Statistics

Time


00:24:45

Files


103971

Folders


2039

Boot Sectors


2

Archives


849

Packed Files


14923


Results

Identified Viruses


3

Infected Files


387

Suspect Files


0

Warnings


0

Disinfected


0

Deleted Files


380


Engines Info

Virus Definitions


196227

Engine build


AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)

Scan plugins


13

Archive plugins


39

Unpack plugins


4

E-mail plugins


6

System plugins


1


Scan Settings

First Action


Prompt

Second Action


None

Heuristics


Yes

Enable Warnings


Yes

Scanned Extensions


exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Exclude Extensions




Scan Emails


Yes

Scan Archives


Yes

Scan Packed


Yes

Scan Files


Yes

Scan Boot


Yes

[FONT=Arial][SIZE=1]

Scanned File


Status

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002097.ini=>:zlrket:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002097.ini=>:zlrket:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002097.ini


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002109.pif=>:zqstuu:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002109.pif=>:zqstuu:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002109.pif


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002113.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002113.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP11\A0002115.ini=>:laonch:$DATA


Infected with: Trojan.Downloader.Winshow.AK

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002136.ini=>:zlrket:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002141.ini=>:zlrket:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002155.pif=>:zqstuu:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002162.ini=>:zlrket:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002169.ini=>:laonch:$DATA


Infected with: Trojan.Downloader.Winshow.AK

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002171.pif=>:zqstuu:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002171.pif=>:zqstuu:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP13\A0002171.pif


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002180.INI=>:wiguth:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002180.INI=>:wiguth:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002180.INI


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002183.ini=>:zlrket:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002183.ini=>:zlrket:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002183.ini


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002196.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP14\A0002196.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002204.INI=>:wiguth:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002204.INI=>:wiguth:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002204.INI


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002206.ini=>:zlrket:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002206.ini=>:zlrket:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002206.ini


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002216.pif=>:zqstuu:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002216.pif=>:zqstuu:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002216.pif


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002221.ini=>:zlrket:$DATA


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002221.ini=>:zlrket:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002221.ini


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002222.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002222.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002223.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002223.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002224.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002224.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002225.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002225.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002226.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002226.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002227.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002227.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002228.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002228.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002229.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002229.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002230.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002230.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002231.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002231.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002232.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002232.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002233.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002233.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002234.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002234.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002235.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002235.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002236.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002236.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002237.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002237.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002238.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002238.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002239.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002239.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002240.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002240.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002241.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002241.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002242.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002242.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002243.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002243.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002244.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002244.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002245.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002245.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002247.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002247.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002248.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002248.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002249.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002249.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002250.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002250.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002251.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002251.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002252.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002252.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002253.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002253.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002254.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002254.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002255.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002255.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002256.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002256.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002257.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002257.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002258.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002258.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002260.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002260.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002263.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002263.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002264.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002264.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002265.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002265.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002266.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002266.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002267.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002267.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002268.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002268.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002269.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002269.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002270.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002270.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002271.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002271.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002272.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002272.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002273.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002273.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002274.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002274.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002275.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002275.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002276.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002276.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002277.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002277.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002278.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002278.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002279.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002279.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002280.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002280.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002281.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002281.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002282.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002282.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002283.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002283.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002284.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002284.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002285.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002285.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002286.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002286.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002287.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002287.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002288.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002288.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002289.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002289.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002290.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002290.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002291.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002291.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002292.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002292.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002293.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002293.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002294.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002294.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002295.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002295.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002296.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002296.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002297.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002297.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002298.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002298.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002299.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002299.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002300.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002300.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002301.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002301.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002302.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002302.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002303.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002303.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002304.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002304.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002305.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002305.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002306.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002306.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002307.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002307.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002308.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002308.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002309.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002309.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002310.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002310.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002311.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002311.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002312.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002312.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002314.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002314.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002315.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002315.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002316.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002316.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002317.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002317.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002318.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002318.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002319.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002319.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002320.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002320.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002321.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002321.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002322.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002322.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002323.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002323.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002324.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002324.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002325.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002325.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002326.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002326.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002327.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002327.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002328.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002328.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002329.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002329.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002330.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002330.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002331.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002331.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002332.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002332.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002333.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002333.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002334.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002334.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002335.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002335.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002336.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002336.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002337.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002337.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002338.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002338.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002339.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002339.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002340.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002340.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002341.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002341.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002342.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002342.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002343.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002343.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002344.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002344.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002345.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002345.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002346.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002346.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002347.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002347.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002348.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002348.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002349.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002349.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002350.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002350.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002351.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002351.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002352.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002352.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002353.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002353.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002354.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002354.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002355.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002355.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002356.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002356.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002357.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002357.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002358.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002358.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002359.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002359.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002360.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002360.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002361.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002361.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002362.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002362.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002363.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002363.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002364.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002364.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002365.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002365.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002366.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002366.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002368.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002368.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002369.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002369.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002370.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002370.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002371.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002371.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002372.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002372.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002373.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002373.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002374.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002374.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002375.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002375.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002376.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002376.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002377.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002377.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002378.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002378.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002379.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002379.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002380.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002380.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002381.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002381.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002382.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002382.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002383.ini=>:laonch:$DATA


Infected with: Trojan.Downloader.Winshow.AK

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002383.ini=>:laonch:$DATA


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002383.ini


Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002384.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002384.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002385.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002385.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002386.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002386.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002387.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002387.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002388.exe


Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002388.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002389.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002389.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002390.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002390.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002391.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002391.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002392.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002392.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002393.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002393.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002394.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002394.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002395.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002395.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002396.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002396.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002397.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002397.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002398.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002398.exe


Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002399.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002400.exe


Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002400.exe


Deleted

C:\System Volu

Edited by d_stacy1, 17 July 2005 - 08:32 PM.

(Single) - Dennis in Florida

#13 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:06:05 PM

Posted 17 July 2005 - 08:28 PM

Hello,

Don't worry about that. Those are the bad files deleted that were present in your system restore points. It doesn't effect your system at all!
Actually, it's not a bad idea to flush your systemrestore points and create a new systemrestorepoint now your system is clean.

Flushing your systemrestore points will delete all your system restore points and malware that were present in it. You flush them by disabeling system restore. Read here how to perform this:
How to disable system restore in XP
Reboot.. and after rebooting, enable it again, so a new systemrestorepoint will be made. A clean one now! :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#14 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 17 July 2005 - 08:35 PM

Here is a continuation of that log, it didn't all show the last time. I am also still in the process of installing and running Kasperspy. after it finishes I will do the restore thing. Thanks again.

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002413.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002414.ini=>:knyvrt:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002414.ini=>:knyvrt:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002414.ini
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002416.INI=>:wiguth:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002416.INI=>:wiguth:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002416.INI
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002417.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002417.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002418.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002418.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002419.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002419.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002420.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002420.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002421.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002421.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002422.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002422.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002423.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002423.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002424.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002424.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002425.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002425.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002426.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002426.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002427.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002427.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002428.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002428.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002429.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002429.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002430.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002430.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002431.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002431.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002432.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002432.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002433.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002433.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002434.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002434.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002435.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002435.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002436.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002436.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002437.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002437.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002438.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002438.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002439.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002439.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002440.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002440.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002441.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002441.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002442.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002442.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002443.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002443.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002444.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002444.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002445.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002445.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002446.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002446.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002447.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002447.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002448.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002448.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002449.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002449.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002450.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002450.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002451.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002451.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002452.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002452.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002453.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002453.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002454.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002454.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002455.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002455.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002456.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002456.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002457.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002457.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002458.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002458.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002459.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002459.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002460.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002460.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002461.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002461.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002462.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002462.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002463.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002463.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002464.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002464.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002465.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002465.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002466.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002466.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002467.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002467.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002468.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002468.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002469.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002469.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002470.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002470.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002471.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002471.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002472.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002472.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002473.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002473.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002474.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002474.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002475.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002475.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002476.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002476.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002477.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002477.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002478.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002478.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002479.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002479.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002480.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002480.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002481.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002481.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002482.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002482.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002483.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002483.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002484.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002484.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002485.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002485.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002486.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002486.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002487.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002487.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002488.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002488.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002489.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002489.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002490.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002490.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002491.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002491.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002492.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002492.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002493.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002493.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002494.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002494.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002495.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002495.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002496.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002496.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002497.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002497.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002498.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002498.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002499.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002499.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002500.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002500.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002501.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002501.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002502.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002502.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002503.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002503.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002504.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002504.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002505.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002505.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002506.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002506.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002507.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002507.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002508.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002508.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002509.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002509.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002510.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002510.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002511.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002511.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002512.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002512.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002513.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002513.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002514.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002514.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002515.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002515.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002516.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002516.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002517.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002517.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002518.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002518.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002519.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002519.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002520.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002520.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002521.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002521.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002522.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002522.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002523.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002523.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002524.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002524.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002525.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002525.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002526.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002526.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002527.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002527.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002528.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002528.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002529.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002529.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002530.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002530.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002531.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002531.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002532.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002532.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002533.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002533.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002534.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002534.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002535.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002535.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002536.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002536.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002537.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002537.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002538.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002538.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002539.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002539.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002540.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002540.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002541.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002541.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002542.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002542.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002543.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002543.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002544.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002544.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002545.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002545.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002546.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002546.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002547.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002547.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002548.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002548.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002549.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002549.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002550.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002550.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002551.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002551.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002552.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002552.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002553.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002553.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002554.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002554.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002555.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002555.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002556.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002556.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002557.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002557.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002558.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002558.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002559.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002559.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002560.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002560.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002561.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002561.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002562.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002562.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002563.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002563.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002564.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002564.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002565.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002565.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002566.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002566.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002567.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002567.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002568.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002568.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002569.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002569.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002570.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002570.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002571.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002571.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002572.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002572.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002573.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002573.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002574.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002574.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002575.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002575.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002576.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002576.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002577.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002577.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002578.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002578.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002579.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002579.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002580.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002580.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002581.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002581.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002582.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002582.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002583.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002583.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002584.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002584.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002585.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002585.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002586.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002586.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002587.exe
Infected with: GenPack:Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002587.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002588.exe
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002588.exe
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002589.pif=>:zqstuu:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002589.pif=>:zqstuu:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP16\A0002589.pif
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP4\A0002008.ini=>:zlrket:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP4\A0002008.ini=>:zlrket:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP4\A0002008.ini
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP5\A0002023.ini=>:zlrket:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP5\A0002023.ini=>:zlrket:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP5\A0002023.ini
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP5\A0002030.ini=>:zlrket:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP5\A0002030.ini=>:zlrket:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP5\A0002030.ini
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002059.ini=>:zlrket:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002059.ini=>:zlrket:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002059.ini
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002070.ini=>:zlrket:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002070.ini=>:zlrket:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002070.ini
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002076.pif=>:zqstuu:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002076.pif=>:zqstuu:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002076.pif
Updated

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002080.pif=>:zqstuu:$DATA
Infected with: Trojan.Agent.BI

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002080.pif=>:zqstuu:$DATA
Deleted

C:\System Volume Information\_restore{032E0602-1DCC-495E-B659-F48CB6422EA1}\RP6\A0002080.pif
Updated

C:\WINDOWS\Installer\2a9c9.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\2a9c9.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\32908.msi
Clean

C:\WINDOWS\Installer\391607.msi
Clean

C:\WINDOWS\Installer\391607.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\391607.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\391607.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\39c94d.msi
Clean

C:\WINDOWS\Installer\39c94d.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\39c94d.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\39c94d.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\39c94d.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>Regsvr32.exe
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>axdist.inf
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>hlink.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>hlinkprx.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>inloader.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>oleaut32.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>schannel.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>stdole2.tlb
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>urlmon.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>wininet.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>ADVPACK.DLL
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>W95INF32.DLL
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>W95INF16.DLL
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>Regsvr32.exe
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>axdist.inf
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>hlink.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>hlinkprx.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>inloader.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>oleaut32.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>schannel.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>stdole2.tlb
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>urlmon.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>wininet.dll
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>ADVPACK.DLL
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>W95INF32.DLL
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)=>(CAB Sfx r)=>W95INF16.DLL
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\4589bec.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a30.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a57.msi
Clean

C:\WINDOWS\Installer\64a57.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a61.msi
Clean

C:\WINDOWS\Installer\64a61.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a61.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a61.msi=>(Embedded EXE)
Clean

C:\WINDOWS\Installer\64a61.msi=>(Embedded EXE)
Clean
(Single) - Dennis in Florida

#15 d_stacy1

d_stacy1
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Northeast Florida
  • Local time:11:05 AM

Posted 17 July 2005 - 08:37 PM

There is still more do you need to see it? So far Kaspersky has found 3 virus's and over 3000 infected objects and is still scanning.

Thanks

Edited by d_stacy1, 17 July 2005 - 08:39 PM.

(Single) - Dennis in Florida




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users