Lainaus:

---

SmitFraudFix v2.122

Scan done at 16:41:20,09, 27/02/2007
Run from C:\Documents and Settings\Omistaja\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Omistaja


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Omistaja\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Omistaja\Suosikit


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

---

Lainaus:

---

SmitFraudFix v2.144

Scan done at 17:12:10,99, 27/02/2007
Run from C:\Documents and Settings\Omistaja\Ty"p"yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\higehsg.dll FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Omistaja


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Omistaja\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Omistaja\Suosikit

C:\DOCUME~1\Omistaja\Suosikit\Online Security Test.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\PestCapture\ FOUND !
C:\Program Files\Video Access ActiveX Object\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

---

Lainaus:

---

Logfile of HijackThis v1.99.1
Scan saved at 17:18:30, on 27/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video Access ActiveX Object\isamntr.exe
C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Video Access ActiveX Object\pmmnt.exe
C:\Program Files\Video Access ActiveX Object\isamini.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Omistaja\Työpöytä\HijackThis.exe

O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video Access ActiveX Object\isadd.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

---

Lainaus:

---

SmitFraudFix v2.144

Scan done at 17:38:04,90, 27/02/2007
Run from C:\Documents and Settings\Omistaja\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\higehsg.dll Deleted
C:\DOCUME~1\Omistaja\Suosikit\Online Security Test.url Deleted
C:\Program Files\PestCapture\ Deleted
Problem while deleting C:\Program Files\Video Access ActiveX Object\

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Reboot

C:\Program Files\Video Access ActiveX Object Deleted


»»»»»»»»»»»»»»»»»»»»»»»» End

---

Lainaus:

---

File C:\Documents and Settings\Omistaja\Local Settings\Temp\SmitfraudFix-3\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\Documents and Settings\Omistaja\Local Settings\Temporary Internet Files\Content.IE5\HXV1BAO9\SystemDoctor2006FreeInstall_fr[1].exe tagged as not-a-virus:Downloader.Win32.WinFixer.l. No Action Taken.
File C:\Documents and Settings\Omistaja\Omat tiedostot\Incomplete\T-161468-_serial_ uno duo tre 21.wma infected by "Trojan-Downloader.WMA.Wimad.d" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Omistaja\Omat tiedostot\Incomplete\T-251042-_naked_ sany aznavour 56.wma infected by "Trojan-Downloader.WMA.Wimad.d" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Omistaja\Työpöytä\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\Documents and Settings\TOUATI\Työpöytä\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\RECYCLER\S-1-5-21-2052111302-1993962763-854245398-1005\Dc11.zip tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\RECYCLER\S-1-5-21-2052111302-1993962763-854245398-1005\Dc9.zip tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP106\A0007475.exe infected by "Trojan-Downloader.Win32.Zlob.bfq" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010654.dll infected by "Trojan-Downloader.Win32.Zlob.bhc" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010659.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010660.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010661.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010669.exe infected by "Trojan-Downloader.Win32.Zlob.bpd" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010670.exe infected by "Trojan-Downloader.Win32.Zlob.bpd" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010702.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010703.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010713.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010714.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0010715.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011713.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011714.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011715.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011731.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011732.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011733.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011743.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011744.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011745.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011754.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011755.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011756.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011768.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011769.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011770.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011780.exe tagged as not-a-virus:AdTool.Win32.WhenU.a. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011785.dll infected by "not-virus:Hoax.Win32.Renos.ap" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011788.exe infected by "Trojan-Downloader.Win32.Zlob.aws" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011789.exe infected by "Trojan-Downloader.Win32.Zlob.azi" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011796.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011797.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011798.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011814.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011815.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011816.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0011826.dll tagged as not-a-virus:AdWare.Win32.ProtectionBar.x. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012484.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012488.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012489.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012491.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012495.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012496.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012503.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012504.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012556.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012564.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012568.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012569.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012574.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012575.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012576.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012591.dll tagged as not-a-virus:FraudTool.Win32.SpySheriff.a. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012592.dll tagged as not-a-virus:FraudTool.Win32.SpySheriff.a. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012593.dll tagged as not-a-virus:FraudTool.Win32.SpySheriff.a. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012594.dll tagged as not-a-virus:FraudTool.Win32.SpySheriff.a. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012600.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012601.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012602.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012615.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012616.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012617.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012621.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012628.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012629.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012638.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012639.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012640.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012645.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012646.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP135\A0012647.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012657.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012658.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012665.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012666.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012667.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012672.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012686.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012687.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012688.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012689.dll tagged as not-a-virus:FraudTool.Win32.WorldSecurityOnline.d. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012693.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012694.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012701.dll infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012702.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012703.exe infected by "Trojan-Downloader.Win32.Zlob.bpf" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012704.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP136\A0012705.exe infected by "Trojan-Downloader.Win32.Zlob.bng" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP87\A0005768.exe infected by "not-virus:Hoax.Win32.Renos.gf" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP98\A0006784.exe tagged as not-a-virus:AdWare.Win32.180Solutions.ax. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP98\A0006788.dll tagged as not-a-virus:AdWare.Win32.180Solutions.ax. No Action Taken.
File C:\System Volume Information\_restore{6CBE5E57-6217-4E5F-AC15-AAFD50B8392A}\RP98\A0006855.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.

---