TheTechGuide Forum

General Category => Tech Clinic => Topic started by: thisornothing on March 22, 2009, 04:05:16 AM

Title: Problems
Post by: thisornothing on March 22, 2009, 04:05:16 AM

i jus recently did a virus scan with Avast! antivirus and i chose  it to deleted anything it thought was a virus. after the scan i found out a lot of things cant open ex : command promt, calculator. is this because of the scan or is there a virus?
do i need to post a hijackthis logfile?

Title: Problems
Post by: guestolo on March 22, 2009, 04:10:55 AM

Yes please, post a Hijackthis log
Here's the instructions:
Download Hijackthis Installer from [color=\"#FF0000\"]HERE[/color] (http://\"http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe\")
For an alternate download location, you can try HERE  (http://\"http://fileforum.betanews.com/detail/HijackThis/1071179190/1\")
SAVE it to your desktop
Double click on HJTInstall.exe to run it
Choose Install

Hijackthis v2.0.2 will open

Under Main Menu, Select
Do a system scan and save a Log file
A log will open in Notepad
Copy and Paste the Whole log back here to the forum----It is all important!

Title: Problems
Post by: thisornothing on March 22, 2009, 04:17:34 AM

weird. when i try to post the log file is says :
Method Not Implemented

POST to /forum/index.php not supported.

Title: Problems
Post by: thisornothing on March 22, 2009, 04:20:03 AM

i'll try to upload it

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:00:13 PM, on 3/22/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\afisicx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\sopidkc.exe
C:\WINDOWS\system32\tdctxte.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wscript.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\My Documents\Downloads\jre-6u12-windows-i586-p-iftw-k (1).exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Power Karaoke Toolbar - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - C:\Program Files\Power_Karaoke\tbPowe.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\actcontroller.exe,
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: (no name) - {165A9BD8-7369-44A3-B118-BD2977D015ED} - C:\WINDOWS\system32\jkkHAtuR.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Power Karaoke Toolbar - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - C:\Program Files\Power_Karaoke\tbPowe.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\geButrsr.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Power Karaoke Toolbar - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - C:\Program Files\Power_Karaoke\tbPowe.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKLM\..\Run: [winboot] wscript.exe /E:vbs C:\WINDOWS\boot. ini
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [track monitor] C:\Program Files\MSN Track Monitor\msntrack.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\.MS32DLL.dll.vbs
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Owner] C:\Documents and Settings\Owner\Owner.exe /i
O4 - HKCU\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKCU\..\Run: [PVR] C:\Program Files\XemiComputers\Pocket Voice Recorder\PVR.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNman000 (http://\"http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNman000\")
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 (http://\"http://go.microsoft.com/fwlink/?linkid=39204\")
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-MY/a-UNO1/GAME_UNO1.cab (http://\"http://messenger.zone.msn.com/EN-MY/a-UNO1/GAME_UNO1.cab\")
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab\")
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (http://\"http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BA66A02-87BF-4CAB-9A99-567F435E3C3D}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O20 - Winlogon Notify: dileqvus - dileqvus.dll (file missing)
O20 - Winlogon Notify: geButrsr - geButrsr.dll (file missing)
O20 - Winlogon Notify: WinCtrl32 - WinCtrl32.dll (file missing)
O20 - Winlogon Notify: wingsa32 - wingsa32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: afisicx  Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe (file missing)
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\System32\msiexec.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: sopidkc  Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: tdctxte  Service (tdctxte) - Unknown owner - C:\WINDOWS\system32\tdctxte.exe

--
End of file - 12830 bytes


Note: It's this entry here causing the error posting back to the forum
O4 - HKLM\..\Run: [winboot] wscript.exe /E:vbs C:\WINDOWS\boot. ini
I put a space after boot.

Title: Problems
Post by: guestolo on March 22, 2009, 04:36:09 AM

Download ComboFix from one of these locations:

[color=\"#0000FF\"]Link 1[/color] (http://\"http://download.bleepingcomputer.com/sUBs/ComboFix.exe\")
[color=\"#0000FF\"]Link 2[/color] (http://\"http://www.forospyware.com/sUBs/ComboFix.exe\")
[color=\"#0000FF\"]Link 3[/color] (http://\"http://subs.geekstogo.com/ComboFix.exe\")
[color=\"#FF0000\"]Save it ONLY to your Desktop[/color]

      --------------------------------------------------------------------
[color=\"#2E8B57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

• Double click on ComboFix.exe & follow the prompts.
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

[color=\"#2e8b57\"]**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
[/color]
(http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif)

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://img.photobucket.com/albums/v706/ried7/whatnext.png)


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

With the log from ComboFix, can you also include a fresh log from Hijackthis

Title: Problems
Post by: thisornothing on March 22, 2009, 04:47:18 AM

this might take awhile since my internet is very slow. around 2kbps is the fastest speed i get.
by the way, what do you mean by:

"Note: It's this entry here causing the error posting back to the forum
O4 - HKLM\..\Run: [winboot] wscript.exe /E:vbs C:\WINDOWS\boot. ini
I put a space after boot. "

and

"Please include the C:\ComboFix.txt in your next reply"

sorry im just 14 now, dont know much XD

Title: Problems
Post by: thisornothing on March 22, 2009, 08:25:54 AM

i installed combofix, after the green bar finish loading nothing pop out. is there any other way?

Title: Problems
Post by: thisornothing on March 22, 2009, 09:34:53 AM

not install...i mean downloaded

Title: Problems
Post by: guestolo on March 22, 2009, 10:55:59 AM

Download [color=\"blue\"]random's system information tool (RSIT)[/color] by [color=\"#6600cc\"]random/random[/color] from >>[color=\"red\"]here[/color]<< (http://\"http://images.malwareremoval.com/random/RSIT.exe\") and save it to your desktop.

• Double click on RSIT.exe and choose to Run it
  
• Click Continue at the disclaimer screen.
  
• Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
  
• Once it has finished, two logs will open:  log.txt[color=\"red\"]<-- this will be maximized[/color] and info.txt[color=\"red\"]<-- this will be minimized[/color].
  

Post both those logs please
If RSIT.exe won't run, try right clicking on it and rename it to something like nothing.exe
If you see the file extension >>>.exe
Or just nothing if no file extensions are shown

NOTE: If you get an error message trying to post the logs back here to the forum
Just post info.txt back here
And upload log.txt

Title: Problems
Post by: thisornothing on March 23, 2009, 06:41:02 AM

i downloaded it already. then after i run it and click continue a blue screen appear and my com restarts jus like the BSOD

Title: Problems
Post by: guestolo on March 23, 2009, 08:32:01 AM

Can you reboot into Safe mode?
    * Restart your computer
    * After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
    * Instead of Windows loading as normal, a menu with options should appear;
    * Select the first option, to run Windows in Safe Mode, then press "Enter".
    * Choose your usual account.

If that works, try running ComboFix again, see if it will run

If you can't get to safe mode
Try the following

  Download DDS by sUBs from one of the following links. Save it to your desktop.

• [color=\"#0000FF\"]DDS.com[/color] (http://\"http://www.techsupportforum.com/sectools/sUBs/dds\")
           
  
• [color=\"#0000FF\"]DDS.scr[/color] (http://\"http://download.bleepingcomputer.com/sUBs/dds.scr\")
           
  
• [color=\"#0000FF\"]DDS.pif[/color] (http://\"http://www.forospyware.com/sUBs/dds\")
  

Double click on the DDS icon, allow it to run.
A small box will open, with an explaination about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
 
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Title: Problems
Post by: thisornothing on March 23, 2009, 10:18:24 AM

im in safe mode now but combo fix is still the same. it start then a green bar loads then nothing pop out

Title: Problems
Post by: thisornothing on March 23, 2009, 10:28:20 AM

i tried RSIT in safe mode and it worked. here are the log files. sorry i still dont know how to post it. i'll upload it again

Title: Problems
Post by: guestolo on March 23, 2009, 10:47:38 PM

What about ComboFix, did you try it in safe mode?
I'm glad you posted the log from RSIT.exe, but it's only a scanner, it won't fix Anything, or try to

ComboFix, may, or may not fix some problems

Please let me know if combofix will run in safe mode, if it will, let it run uninterrupted

Title: Problems
Post by: thisornothing on March 25, 2009, 01:52:02 AM

it didnt run much. its the same if its in safe mode or not. it jus loads the green bar at the begining then nothing comes out

i also get these 2 when i start up my computer. look at the pics

Title: Problems
Post by: guestolo on March 25, 2009, 08:58:27 PM

This is important!
I need you do to the following
Try the following

Quote

Download DDS by sUBs from one of the following links. Save it to your desktop.

• [color=\"#0000FF\"]DDS.com[/color] (http://\"http://www.techsupportforum.com/sectools/sUBs/dds\")
           
  
• [color=\"#0000FF\"]DDS.scr[/color] (http://\"http://download.bleepingcomputer.com/sUBs/dds.scr\")
           
  
• [color=\"#0000FF\"]DDS.pif[/color] (http://\"http://www.forospyware.com/sUBs/dds\")
  

Double click on the DDS icon, allow it to run.
A small box will open, with an explaination about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
 
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

NOTE: If you can't get one to run, try the next link

Title: Problems
Post by: thisornothing on March 26, 2009, 04:39:52 AM

it says "windows cannot find 'cmd'. Make sure you type the name correctly, and then try again. To search for a file, click the start button and click search.

as i said before, command prompt and some other applications cannot run.

Title: Problems
Post by: thisornothing on March 26, 2009, 04:41:04 AM

it says "windows cannot find 'cmd'. Make sure you type the name correctly, and then try again. To search for a file, click the start button and click search.

as i said before, command prompt and some other applications cannot run.

Title: Problems
Post by: guestolo on March 26, 2009, 01:59:16 PM

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe (http://\"ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe\")
DO NOT attempt to run it yet
Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.
Sign in with your Normal Account

• Doubleclick the drweb-cureit.exe file and Allow to run the express scan
     
  
• This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
• Once the short scan has finished, mark the drives that you want to scan.
• Select all drives. A red dot shows which drives have been chosen.
• Click the green arrow at the right, and the scan will start.
     
  
• Click 'Yes to all' if it asks if you want to cure/move the file.
• When the scan has finished, look if you can click next icon next to the files found:(http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif)
     
  
• If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
  (http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif)
        This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured.
     
  
• After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
     
  
• Save the report to your desktop. The report will be called DrWeb.csv
     
  
• Close Dr.Web Cureit.
• Reboot your computer
     
  
• After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

Title: Problems
Post by: thisornothing on March 27, 2009, 06:14:54 AM

i was scanning halfway and an error came out and had to close it. i'll try to scan again if i have time

Title: Problems
Post by: thisornothing on March 27, 2009, 10:03:07 AM

the error i was talking about is this.i hope there is a way to save my computer other than reformating.

Title: Problems
Post by: guestolo on March 27, 2009, 08:29:23 PM

That error is generic, doesn't really tell me anything
I'm sorry to inform you, but your computer is badly infected
You have downloaded a crack file, or other malicious file that has infected your legitimate files on your computer
Making it really tough to clean the computer
Even if we clean it, there is no guarantee of it's reliablity
Do you have anything really important on it to save?
Here is some very good advice

Quote

Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (softwares) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.

Also, avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.

Recent variants also modify htm, html, asp and php files.

Do not back up to another machine, as it may become compromised. Burn to DVD/CD, or to an external drive which has nothing else on it, and which you can format should it happen to become infected from the backups.

Do you want to continue to try and clean it, or do you have a legitimate copy of XP where we can backup
and reinstall and ensure it's reliability?

Title: Problems
Post by: thisornothing on March 28, 2009, 02:17:21 AM

i think i got a windows xp cd but i think i'll continue and try to fix if u want to help.

Title: Problems
Post by: guestolo on March 28, 2009, 10:05:49 AM

If you have the Windows XP CD, it's probably the easiest to start fresh, as you can't get the scanners to complete?
What happened with the second go around with Dr. Web?

Title: Problems
Post by: thisornothing on March 29, 2009, 02:13:33 AM

same error

Title: Problems
Post by: thisornothing on March 29, 2009, 06:18:05 AM

my com dsnt seem to have any problems anymore after i scanned it again with avast. Do you have any way to install command promt, calculator, etc etc?

Title: Problems
Post by: guestolo on March 29, 2009, 07:51:48 AM

Let me see a fresh Hijackthis log please
We'll try getting this machine running good without reformatting if you choose

Title: Problems
Post by: thisornothing on March 30, 2009, 10:22:12 AM

[quote name=\'guestolo\' post=\'460261\' date=\'Mar 29 2009, 08:51 PM\']Let me see a fresh Hijackthis log please
We'll try getting this machine running good without reformatting if you choose[/quote]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:10:17 PM, on 3/30/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\afisicx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\sopidkc.exe
C:\WINDOWS\system32\tdctxte.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Power Karaoke Toolbar - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - C:\Program Files\Power_Karaoke\tbPow1.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\actcontroller.exe,C:\WINDOWS\system32\idaw64.exe,C:\WINDOWS\system32\deviceemulator.exe,C:\WINDOWS\system32\7z.exe,C:\WINDOWS\system32\windres.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\pdbcopy.exe,C:\WINDOWS\system32\idaw64.exe,C:\WINDOWS\system32\codeblocks.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\regwiz.exe,C:\WINDOWS\system32\c++.exe,C:\WINDOWS\system32\gcc.exe,C:\WINDOWS\system32\ndetect.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\c++.exe,C:\WINDOWS\system32\ndetect.exe,C:\WINDOWS\system32\vmware-ufad.exe,
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Power Karaoke Toolbar - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - C:\Program Files\Power_Karaoke\tbPow1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKLM\..\Run: [winboot] wscript.exe /E:vbs C:\WINDOWS\boot. ini
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [track monitor] C:\Program Files\MSN Track Monitor\msntrack.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\.MS32DLL.dll.vbs
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Owner] C:\Documents and Settings\Owner\Owner.exe /i
O4 - HKCU\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKCU\..\Run: [PVR] C:\Program Files\XemiComputers\Pocket Voice Recorder\PVR.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNman000 (http://\"http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNman000\")
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 (http://\"http://go.microsoft.com/fwlink/?linkid=39204\")
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-MY/a-UNO1/GAME_UNO1.cab (http://\"http://messenger.zone.msn.com/EN-MY/a-UNO1/GAME_UNO1.cab\")
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab\")
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (http://\"http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BA66A02-87BF-4CAB-9A99-567F435E3C3D}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O20 - Winlogon Notify: dileqvus - dileqvus.dll (file missing)
O20 - Winlogon Notify: geButrsr - geButrsr.dll (file missing)
O20 - Winlogon Notify: WinCtrl32 - WinCtrl32.dll (file missing)
O20 - Winlogon Notify: wingsa32 - wingsa32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: afisicx  Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe (file missing)
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\System32\msiexec.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: sopidkc  Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: tdctxte  Service (tdctxte) - Unknown owner - C:\WINDOWS\system32\tdctxte.exe

--
End of file - 12272 bytes

Title: Problems
Post by: guestolo on March 30, 2009, 09:25:30 PM

Wow, your machine is still very badly infected
Can you do the following

Do a "System scan only" with Hijackthis and put a check next to these entries:

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\actcontroller.exe,C:\WINDOWS\system32\idaw64.exe,C:\WINDOWS\system32\deviceemulator.exe,C:\WINDOWS\system32\7z.exe,C:\WINDOWS\system32\windres.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\pdbcopy.exe,C:\WINDOWS\system32\idaw64.exe,C:\WINDOWS\system32\codeblocks.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\regwiz.exe,C:\WINDOWS\system32\c++.exe,C:\WINDOWS\system32\gcc.exe,C:\WINDOWS\system32\ndetect.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\c++.exe,C:\WINDOWS\system32\ndetect.exe,C:\WINDOWS\system32\vmware-ufad.exe,

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKLM\..\Run: [winboot] wscript.exe /E:vbs C:\WINDOWS\boot. ini
O4 - HKLM\..\Run: [track monitor] C:\Program Files\MSN Track Monitor\msntrack.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\.MS32DLL.dll.vbs
O4 - HKCU\..\Run: [Owner] C:\Documents and Settings\Owner\Owner.exe /i
O4 - HKCU\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNman000 (http://\"http://edits.mywebsearch.com/toolbaredits/...html?p=ZNman000\")

O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O20 - Winlogon Notify: dileqvus - dileqvus.dll (file missing)
O20 - Winlogon Notify: geButrsr - geButrsr.dll (file missing)
O20 - Winlogon Notify: WinCtrl32 - WinCtrl32.dll (file missing)
O20 - Winlogon Notify: wingsa32 - wingsa32.dll (file missing)

O23 - Service: afisicx Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
023 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe (file missing)
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe (file missing)
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\System32\msiexec.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe (file missing)

O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: tdctxte Service (tdctxte) - Unknown owner - C:\WINDOWS\system32\tdctxte.exe



After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Back in Windows
Delete your copy of Dr. Web
REDownload Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe (http://\"ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe\")
DO NOT attempt to run it yet
Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.
Sign in with your Normal Account

• Doubleclick the drweb-cureit.exe file and Allow to run the express scan
     
  
• This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
• Once the short scan has finished, mark the drives that you want to scan.
• Select all drives. A red dot shows which drives have been chosen.
• Click the green arrow at the right, and the scan will start.
     
  
• Click 'Yes to all' if it asks if you want to cure/move the file.
• When the scan has finished, look if you can click next icon next to the files found:(http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif)
     
  
• If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
  (http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif)
        This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured.
     
  
• After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
     
  
• Save the report to your desktop. The report will be called DrWeb.csv
     
  
• Close Dr.Web Cureit.
• Reboot your computer
     
  
• After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

Title: Problems
Post by: thisornothing on April 05, 2009, 01:46:30 AM

sorry i havnt replied in awhile. i've been abit busy with school. i already fixed those file u mentioned with hijackthis but i can seem to find some of the files :
O4 - HKLM\..\Run: [winboot] wscript.exe /E:vbs C:\WINDOWS\boot. ini
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\actcontroller.exe,C:\WINDOWS\system32\idaw64.exe,C:\WINDOWS\system32\deviceemulator.exe,C:\WINDOWS\system32\7z.exe,C:\WINDOWS\system32\windres.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\pdbcopy.exe,C:\WINDOWS\system32\idaw64.exe,C:\WINDOWS\system32\codeblocks.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\regwiz.exe,C:\WINDOWS\system32\c++.exe,C:\WINDOWS\system32\gcc.exe,C:\WINDOWS\system32\ndetect.exe,C:\WINDOWS\system32\undname.exe,C:\WINDOWS\system32\c++.exe,C:\WINDOWS\system32\ndetect.exe,C:\WINDOWS\system32\vmware-ufad.exe,


on the 3rd 1..i can only find F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
cant find all those behind it

im still downloading drweb now because my internet is slow

Title: Problems
Post by: thisornothing on April 06, 2009, 10:49:52 AM

still scanning with DrWeb now..its already been 24 hours ++..i wonder if i really have that much stuff on my com lol

Title: Problems
Post by: thisornothing on April 07, 2009, 01:20:01 AM

finished scanning and curing but no report came out

Title: Problems
Post by: thisornothing on April 07, 2009, 04:05:45 AM

i have another problem on my computer now. if im not in safe mode, DrWeb and google chrome and maybe some others but i havnt tried always suddenly close without a trace. but Opera doesnt. im not sure what the problem is

Title: Problems
Post by: thisornothing on April 07, 2009, 10:07:31 AM

can you help me check this hijackthis logfile?..i jus did a scan because of the above problem

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:03:22 PM, on 4/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [PromoReg] C:\WINDOWS\TEMP\BN3F.tmp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [PVR] C:\Program Files\XemiComputers\Pocket Voice Recorder\PVR.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Owner\reader_s.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 (http://\"http://go.microsoft.com/fwlink/?linkid=39204\")
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-MY/a-UNO1/GAME_UNO1.cab (http://\"http://messenger.zone.msn.com/EN-MY/a-UNO1/GAME_UNO1.cab\")
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (http://\"http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab\")
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (http://\"http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BA66A02-87BF-4CAB-9A99-567F435E3C3D}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: afisicx  Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\System32\msiexec.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)

--
End of file - 8913 bytes

Title: Problems
Post by: guestolo on April 07, 2009, 11:00:10 AM

Many critical files on your computer have been infected and corrupt
Causing many errors on your system more than likely

Quote

finished scanning and curing but no report came out

The exact directions I posted were:

Quote

#  in the Dr.Web CureIt menu on top, click file and choose save report list
# Save the report to your desktop. The report will be called DrWeb.csv

So unless you did that, there won't be a report

Delete any copy of ComboFix you may have

Download ComboFix from one of these locations:

[color=\"#0000FF\"]Link 1[/color] (http://\"http://download.bleepingcomputer.com/sUBs/ComboFix.exe\")
[color=\"#0000FF\"]Link 2[/color] (http://\"http://subs.geekstogo.com/ComboFix.exe\")

• If you are using Firefox, make sure that your download settings are as follows:
• Tools->Options->Main tab
• Set to "Always ask me where to Save the files".
• During the download, rename Combofix to Combo-Fix as follows:
  

(http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_FF.gif)
(http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif)

* It is important you rename Combofix during the download, but not after.
    * Please do not rename Combofix to other names, but only to the one indicated.

      --------------------------------------------------------------------
Reboot your computer into Safe Mode

• Double click on Combo-Fix.exe & follow the prompts.
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

In your case, since you are in Safe Mode, just have ComboFix scan for Malware

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combo-Fix.txt in your next reply

Title: Problems
Post by: thisornothing on April 09, 2009, 06:27:09 AM

i still cant get combofix to run

A0394748.bat;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP206;Probably BATCH.Virus;;
A0394749.dll;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP206;Adware.MyWebSearch.8;;
A0394914.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394915.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394916.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394917.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394918.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394919.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394920.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394921.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394922.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394923.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394924.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394926.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394927.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394928.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394929.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394930.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394931.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394932.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394933.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394935.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394936.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394937.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394938.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394939.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394940.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394941.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394942.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394943.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394944.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394945.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394946.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394947.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394948.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394949.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394950.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394951.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394952.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394953.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394954.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394955.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394956.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394957.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394958.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394959.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394960.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394961.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394962.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394963.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394964.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394965.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394966.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394967.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394968.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394969.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394970.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394971.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394972.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394973.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394974.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394975.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394976.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394977.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394978.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394979.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394980.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394981.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394982.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394983.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394984.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394985.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394986.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394987.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394988.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394989.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394990.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394991.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394992.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394993.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394994.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394995.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394996.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394997.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394998.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0394999.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395000.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395001.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395002.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395003.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395004.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395005.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395006.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395007.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395008.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395009.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395010.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395011.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395012.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395013.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395014.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395015.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395016.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395017.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395018.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395019.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395020.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395021.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395022.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395023.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395024.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395025.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395026.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395027.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395028.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395029.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395030.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395031.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395032.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395033.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395034.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395035.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395036.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395037.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395038.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395039.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395040.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395041.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395042.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395043.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395044.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395045.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395046.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395047.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395048.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395049.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395050.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395051.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395052.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395053.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395054.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395055.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395056.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395057.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395058.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395059.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395060.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395061.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395062.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395063.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395064.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395065.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395066.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395067.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395068.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395069.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395070.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395071.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395072.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395073.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395074.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395075.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395076.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395077.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395078.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395079.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395080.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395081.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395082.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395083.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395084.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395085.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395086.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395087.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395088.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395089.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395090.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395091.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395092.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395093.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395094.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395095.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395096.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395097.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395098.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395099.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395100.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395101.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395102.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395103.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395104.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395105.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395106.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395107.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395108.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395109.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395110.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395111.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395112.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395113.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395114.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395115.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395116.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395117.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395118.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395119.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395120.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395121.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395122.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395123.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395124.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395125.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395126.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395127.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395128.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395129.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395130.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395131.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395132.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395133.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395134.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395135.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395136.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395137.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395138.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395139.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395140.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395141.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395142.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395143.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395144.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395145.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395146.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395147.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395148.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395149.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395150.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395151.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395152.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395153.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395154.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395155.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395156.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395157.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395158.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395159.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395160.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395161.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395162.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395163.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395164.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395165.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395166.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395167.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395168.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395169.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395170.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395171.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395172.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395173.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395174.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395175.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395176.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395177.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395178.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395179.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395180.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395181.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395182.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395183.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395184.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395185.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395186.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395187.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395188.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395189.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395190.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395191.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395192.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395193.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395194.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395195.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395196.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395197.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395198.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395199.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395200.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395201.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395202.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395203.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395204.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395205.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395206.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395207.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395208.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395209.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395210.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395211.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395212.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395213.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395214.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395215.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395216.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395217.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395218.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395219.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395220.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395221.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395222.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395223.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395224.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395225.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395226.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395227.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395228.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395229.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395230.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395231.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395232.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395233.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395234.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395235.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395236.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395237.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395238.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395239.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395240.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395241.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395242.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395243.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395244.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395245.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395246.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395247.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395248.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395249.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395250.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395251.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395252.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395253.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395254.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395255.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395256.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395257.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395258.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395259.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395260.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395261.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395262.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395263.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395264.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395265.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395266.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395267.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395268.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395269.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395270.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395271.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395272.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395273.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395274.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395275.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395276.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395277.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395278.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395279.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395280.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395281.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395282.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395283.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395284.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395285.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395286.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395287.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395288.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395289.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395290.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395291.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395292.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395293.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395294.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395295.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395296.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395297.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395298.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395299.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395300.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395301.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395302.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395303.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395304.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395305.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395306.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395307.scr;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395308.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395309.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395310.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395311.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395312.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395313.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395314.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395315.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395316.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395317.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395318.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395319.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395320.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395321.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395322.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395323.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395324.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395325.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395326.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395327.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395328.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395329.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395330.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395331.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395332.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395333.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395334.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395335.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395336.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395337.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395338.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395339.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395340.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395341.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395342.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395343.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395344.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395345.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395346.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395347.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395348.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395349.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395350.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395351.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395352.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395353.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395354.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395355.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395356.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395357.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395358.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395359.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395360.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395361.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395362.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395363.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395364.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395365.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395366.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395367.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395368.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395369.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395370.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395371.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395372.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395373.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395374.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395375.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395376.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395377.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395378.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395379.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395380.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395381.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395382.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395383.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395384.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395385.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395386.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395387.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395388.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395389.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395390.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395391.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395392.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395393.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395394.EXE;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395395.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395397.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395398.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395399.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395400.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395401.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395402.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395403.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395404.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395405.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395406.exe;C:\System Volume Information\_restore{D5F6FDB8-41CF-4B55-AB6E-5D20B9BB390A}\RP209;Win32.Virut.56;Cured.;
A0395407.exe;C:\System Volume Information\_restore{D5F6

Title: Problems
Post by: guestolo on April 10, 2009, 09:30:48 AM

I still believe your best bet is to clean install your system
You may get lucky with a repair, but I suggest the clean install

Which way would you like to proceed?

Title: Problems
Post by: thisornothing on April 11, 2009, 08:18:49 AM

im not sure how to reformat actually. can u give me a guide? now my computer is getting worse. i cant even go on the internet now and im using my brother's computer. i think i'll jus reinstall. thanks for all your help.

Title: Problems
Post by: guestolo on April 11, 2009, 10:12:45 AM

Here's a great guide:
http://forums.whatthetech.com/How_Reformat...tem_t91962.html (http://\"http://forums.whatthetech.com/How_Reformat_Reinstall_your_Operating_System_t91962.html\")

Take note: On the step to Download all installed programs that you wish to keep and do not have disc for
Skip that part as you can't get online

But do install Avast as soon as you can when back online
In addition, if you have any external flash drives, harddrives, etc...
They may have infected files on them, we will have to clean them before you insert them back into the computer
Come back here and let me know how it's going after reinstalling

Title: Problems
Post by: thisornothing on April 18, 2009, 03:14:06 AM

i havnt got the chance to go online in a long time..im on my friend's computer now...i'll try to reformat today

Title: Problems
Post by: thisornothing on April 19, 2009, 03:13:18 AM

my com is working fine now. not much problems.