Solved internet explorer randomly closing

Safc33 · 2013/03/22

Only one box appearred after the otl run, if you could tell me where extras would be saved i will have a look just a quick search on my computer found nothing. below is report that did appear
OTL logfile created on: 3/23/2013 12:26:31 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Philip Green\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.48 Mb Total Physical Memory | 104.39 Mb Available Physical Memory | 21.77% Memory free
1.10 Gb Paging File | 0.83 Gb Available in Paging File | 75.40% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.68 Gb Total Space | 37.42 Gb Free Space | 48.81% Space Free | Partition Type: NTFS
Drive D: | 1.86 Gb Total Space | 1.66 Gb Free Space | 89.40% Space Free | Partition Type: FAT

Computer Name: PHILIP | User Name: Philip Green | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/23 00:00:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philip Green\Desktop\OTL.exe
PRC - [2013/03/21 12:46:52 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/03/06 23:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 23:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/03/22 19:56:27 | 000,453,240 | ---- | M] (http://www.express-files.com/) -- C:\Program Files\ExpressFiles\ExpressFiles.exe
PRC - [2012/03/22 19:56:27 | 000,172,664 | ---- | M] (http://www.express-files.com/) -- C:\Program Files\ExpressFiles\EFupdater.exe
PRC - [2009/07/24 01:15:18 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
PRC - [2007/12/21 00:18:18 | 000,389,215 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson SpeedTouch\ST330\service\st330service.exe
PRC - [2007/12/21 00:18:17 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe
PRC - [2007/06/13 10:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/14 02:42:10 | 000,049,152 | ---- | M] (Seiko Instruments USA Inc.) -- C:\WINDOWS\Seiko\slpcap.exe
PRC - [2006/11/28 00:12:24 | 002,658,304 | ---- | M] () -- C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
PRC - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/09/26 00:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1200932265\ee\aolsoftware.exe
PRC - [2006/06/27 15:21:14 | 001,449,984 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2006/06/09 09:37:18 | 000,471,552 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2006/06/05 12:59:18 | 000,174,080 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2003/04/02 13:56:34 | 000,131,072 | ---- | M] (Philips PC Cameras) -- C:\Program Files\Philips ToUcam Camera\VProperty.exe

========== Modules (No Company Name) ==========

MOD - [2013/03/22 20:04:44 | 002,076,160 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13032201\algo.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/12/21 00:18:18 | 004,222,976 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\ST330\service\qt-mt332.dll
MOD - [2007/12/21 00:18:17 | 004,222,976 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\qt-mt332.dll
MOD - [2007/12/21 00:18:17 | 000,364,544 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\qwt.dll
MOD - [2006/11/28 00:12:24 | 002,658,304 | ---- | M] () -- C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
MOD - [2005/11/11 08:15:18 | 000,204,800 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
MOD - [2004/08/04 12:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/04 12:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2004/08/04 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2001/03/02 11:02:04 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\DAT6F3.tmp.exe -- (zgmtotxwd)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/21 12:46:52 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/03/06 23:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007/12/21 00:18:18 | 000,389,215 | ---- | M] () [Auto | Running] -- C:\Program Files/Thomson SpeedTouch/ST330/service/st330service.exe -- (st330service)
SRV - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2006/06/05 12:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013/03/06 23:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 23:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 23:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 23:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 23:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/03/06 23:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 23:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 23:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/05/05 16:42:18 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/22 15:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 15:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 15:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2008/02/11 16:07:00 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2007/12/21 00:18:18 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stppp.sys -- (stppp)
DRV - [2007/12/21 00:18:18 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330)
DRV - [2007/12/21 00:18:18 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS)
DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/05/29 07:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006/05/29 07:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006/05/29 07:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006/05/29 07:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/09/29 07:35:30 | 000,219,136 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/09/29 07:34:24 | 000,702,592 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/09/29 07:33:50 | 001,036,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/05/22 15:44:44 | 000,670,203 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51)
DRV - [2003/01/10 21:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2001/08/17 13:04:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv21.sys -- (camvid20)
DRV - [2000/10/25 12:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

O1 HOSTS File: ([2013/03/22 22:55:20 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (no name) - {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - No CLSID value found.
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [ExpressFiles] C:\Program Files\ExpressFiles\ExpressFiles.exe (http://www.express-files.com/)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1200932265\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe (Philips PC Cameras)
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Philip Green\Start Menu\Programs\Startup\SmartCapture.lnk = C:\WINDOWS\Seiko\slpcap.exe (Seiko Instruments USA Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-287218729-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E0C4855-F98B-4126-8198-CE5A6D3E5FE9}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/31 20:28:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/23 00:26:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Philip Green\Desktop\OTL.exe
[2013/03/23 00:07:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/03/23 00:07:09 | 000,000,000 | ---D | C] -- C:\JRT
[2013/03/23 00:07:03 | 000,549,920 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Philip Green\Desktop\JRT.exe
[2013/03/22 12:08:35 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/03/22 12:06:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/03/22 12:06:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/03/22 12:06:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/03/22 12:06:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/03/22 12:06:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/22 12:05:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/03/22 12:02:30 | 005,042,224 | R--- | C] (Swearware) -- C:\Documents and Settings\Philip Green\Desktop\ComboFix.exe
[2013/03/21 20:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philip Green\Desktop\mbar-1.01.0.1021
[2013/03/21 20:33:19 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/03/21 20:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/03/21 20:33:18 | 000,368,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/03/21 20:33:16 | 000,062,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/03/21 20:33:16 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/03/21 20:33:14 | 000,765,736 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/03/21 20:33:10 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/03/21 20:33:09 | 000,228,600 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/03/21 20:30:47 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/03/21 20:27:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/03/21 20:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/03/21 16:09:52 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Philip Green\Desktop\dds.com
[2013/03/21 16:05:48 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Philip Green\Desktop\aswMBR.exe
[2013/03/21 15:29:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philip Green\Application Data\Malwarebytes
[2013/03/21 15:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/21 15:29:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/03/21 15:29:06 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/03/21 15:29:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/03/21 15:28:27 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Philip Green\Desktop\mbam-setup-1.70.0.1100.exe

========== Files - Modified Within 30 Days ==========

[2013/03/23 00:08:32 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/03/23 00:07:24 | 000,013,744 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/23 00:05:21 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2013/03/23 00:05:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/23 00:00:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philip Green\Desktop\OTL.exe
[2013/03/23 00:00:32 | 000,549,920 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Philip Green\Desktop\JRT.exe
[2013/03/22 23:59:50 | 000,609,993 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\adwcleaner.exe
[2013/03/22 22:55:20 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/03/22 20:25:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/03/22 13:19:37 | 000,432,688 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/22 13:19:37 | 000,067,660 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/22 12:08:45 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/03/22 12:05:17 | 005,042,224 | R--- | M] (Swearware) -- C:\Documents and Settings\Philip Green\Desktop\ComboFix.exe
[2013/03/21 20:33:20 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/03/21 20:33:09 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/03/21 20:24:14 | 013,786,977 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\mbar-1.01.0.1021.zip
[2013/03/21 20:23:24 | 000,816,128 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\RogueKiller.exe
[2013/03/21 16:09:31 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\MBR.dat
[2013/03/21 15:29:10 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/21 15:26:20 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Philip Green\Desktop\dds.com
[2013/03/21 15:25:58 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Philip Green\Desktop\aswMBR.exe
[2013/03/21 15:23:36 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Philip Green\Desktop\mbam-setup-1.70.0.1100.exe
[2013/03/21 12:47:34 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/03/19 15:48:20 | 040,895,883 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\Skype_6.3.59.582.dmg
[2013/03/06 23:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/03/06 23:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/03/06 23:33:24 | 000,164,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/06 23:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/03/06 23:33:24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/03/06 23:33:24 | 000,049,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/03/06 23:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/03/06 23:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/03/06 23:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/03/06 23:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/02/26 11:25:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/02/23 20:05:30 | 000,098,466 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\059_1000.jpg

========== Files Created - No Company Name ==========

[2013/03/23 00:02:33 | 000,609,993 | ---- | C] () -- C:\Documents and Settings\Philip Green\Desktop\adwcleaner.exe
[2013/03/22 12:08:45 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/03/22 12:08:39 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/03/22 12:06:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/03/22 12:06:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/03/22 12:06:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/03/22 12:06:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/03/22 12:06:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/03/21 20:50:04 | 013,786,977 | ---- | C] () -- C:\Documents and Settings\Philip Green\Desktop\mbar-1.01.0.1021.zip
[2013/03/21 20:36:02 | 000,816,128 | ---- | C] () -- C:\Documents and Settings\Philip Green\Desktop\RogueKiller.exe
[2013/03/21 20:33:20 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/03/21 20:33:13 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/21 20:33:13 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/03/21 20:33:12 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/03/21 16:09:31 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Philip Green\Desktop\MBR.dat
[2013/03/21 15:29:10 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/19 15:48:20 | 040,895,883 | ---- | C] () -- C:\Documents and Settings\Philip Green\Desktop\Skype_6.3.59.582.dmg
[2013/02/23 20:07:12 | 000,098,466 | ---- | C] () -- C:\Documents and Settings\Philip Green\Desktop\059_1000.jpg
[2012/10/11 15:16:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\ŸŸ
[2012/02/03 19:26:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ7Ÿ7
[2012/02/02 13:27:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/24 23:24:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ8Ÿ8
[2008/12/30 20:52:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/07/04 16:20:58 | 000,585,494 | ---- | C] () -- C:\Documents and Settings\Philip Green\Application Data\NMM-MetaData.db
[2005/09/16 15:07:52 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/03/19 19:47:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\system32\shdocvw.dll -- [2009/12/22 05:42:48 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 10:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
" " = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/29 15:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/07/28 22:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\6F638BBA4A60CE47005034E6E56C34C7
[2009/06/19 19:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2012/02/02 13:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2013/03/21 20:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2007/07/04 16:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/07/04 16:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/03/03 13:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/04/11 13:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/15 18:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/19 19:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\acccore
[2012/08/09 18:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Aqymd
[2007/09/26 00:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Datalayer
[2013/03/21 15:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Duxeq
[2008/04/30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\EasyChat
[2012/07/28 22:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Ehawy
[2013/03/23 00:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\ExpressFiles
[2012/02/02 19:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\FreeAudioPack
[2012/08/03 19:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Gucop
[2009/05/11 12:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\HCM Updater
[2007/02/05 23:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\ICAClient
[2007/05/03 13:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Image Zone Express
[2006/10/12 12:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\InterTrust
[2008/04/25 12:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Leadertech
[2012/02/02 13:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\MPEG Streamclip
[2008/01/26 22:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Nokia
[2008/03/21 17:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Nokia Multimedia Player
[2012/09/24 16:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Ovwayn
[2007/03/08 16:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\PC Suite
[2006/05/31 15:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Samsung
[2010/12/09 15:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\SignupShield
[2007/01/11 14:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Sports Interactive
[2011/08/28 22:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\TeamViewer
[2012/08/09 18:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Veenih
[2012/12/08 21:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Waykwy
[2009/03/25 21:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Windows Live Writer
[2013/03/21 15:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Ylxu
[2013/03/21 15:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Yrar

========== Purity Check ==========

< End of report >

Safc33 · 2013/03/22

dupe...

broni · 2013/03/22

You didn't answer my question:

How is computer doing?
Click to expand...

====================================

Run OTL
Under the [color= "#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following
Code:
:OTL
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\DAT6F3.tmp.exe -- (zgmtotxwd)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyOverride" = <local>;*.local
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (no name) - {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - No CLSID value found.
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk = File not found
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com File not found
O15 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
Then click the [color= "#FF0000"]Run Fix[/color] button at the top

Let the program run unhindered, reboot the PC when it is done

You will get a log that shows the results of the fix. Please post it.
NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe

Follow the onscreen instructions inside of the black box.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:

Internet Services

Windows Firewall

System Restore

Security Center

Windows Update

Windows Defender

Press "Scan ".

It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.

Click on Start button to begin cleaning process.

TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

Disable your antivirus program

Tick the box next to YES, I accept the Terms of Use

Click Start

Accept any security warnings from your browser.

Check Scan archives

Click Start

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

When the scan completes, click on List of found threats

Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

NOTE. If Eset won't find any threats, it won't produce any log.

Safc33 · 2013/03/22

hi sorry i totally forgot to even check if computer was working any better, internet explorer pages are staying open as of now which is a bonus so thank you so far, just running the next steps you've told me to do and will give you reports asap

Safc33 · 2013/03/22

All processes killed
========== OTL ==========
Service zgmtotxwd stopped successfully!
Service zgmtotxwd deleted successfully!
File C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\DAT6F3.tmp.exe not found.
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File %SystemRoot%\System32\hidserv.dll not found.
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File %SystemRoot%\System32\appmgmts.dll not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
HKU\S-1-5-21-746137067-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-746137067-287218729-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12}\ not found.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08E730A4-FB02-45BD-A900-01E4AD8016F6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08E730A4-FB02-45BD-A900-01E4AD8016F6}\ not found.
Registry key HKEY_USERS\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 65670 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Philip Green
->Temp folder emptied: 169257 bytes
->Temporary Internet Files folder emptied: 13345676 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 53634 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 146284591 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 153.00 mb

[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService
->Java cache emptied: 0 bytes

User: Philip Green
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

User: Philip Green
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 03232013_012708

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Philip Green\Local Settings\Temp\~DF5902.tmp not found!
File\Folder C:\Documents and Settings\Philip Green\Local Settings\Temp\~DF84EA.tmp not found!
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\XZSV0FFM\expuk[1].gif moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\XZSV0FFM\Pug[1].gif moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\Q6GCTY5C\ddc[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\Q4HEFK0G\105052-active-internet-explorer-randomly-closing-2[1].html moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\O6KJAXVI\audmeasure[1].gif moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\O6KJAXVI\visitormatch[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\MYK9CKJP\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\KRROSDOR\xd_arbiter[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\GXQTDQM7\xd_arbiter[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\9DCKW4NW\sky_bold[1].eot moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\9DCKW4NW\sky_medium[1].eot moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\9DCKW4NW\sky_regular[1].eot moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\11VF66M7\like[1].htm moved successfully.
C:\WINDOWS\temp\_avast_\Webshlock.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Safc33 · 2013/03/22

Results of screen317's Security Check version 0.99.61
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Free Antivirus
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java(TM) 6 Update 35
Java 7 Update 17
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Java 2 Runtime Environment, SE v1.4.2_03
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
AVAST Software Avast setup avast.setup
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Safc33 · 2013/03/22

Farbar Service Scanner Version: 03-03-2013
Ran by Philip Green (administrator) on 23-03-2013 at 01:47:58
Running from "C:\Documents and Settings\Philip Green\Desktop "
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2004-08-04 12:00] - [2006-05-19 12:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-04 12:00] - [2008-08-14 09:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2004-08-04 12:00] - [2004-08-04 12:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-08-04 12:00] - [2008-06-20 10:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-08-04 12:00] - [2004-08-04 12:00] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-04 12:00] - [2008-02-20 05:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-04 12:00] - [2004-08-04 12:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-04 12:00] - [2005-08-22 18:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2005-05-31 20:24] - [2004-08-04 12:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2005-05-31 20:26] - [2004-08-04 12:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2005-05-31 20:26] - [2004-08-04 12:00] - 0073472 ___AC (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-04 12:00] - [2004-08-04 12:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2005-05-31 20:24] - [2004-08-04 12:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2005-05-31 20:26] - [2004-08-04 12:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2005-05-31 20:26] - [2004-08-04 12:00] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-04 12:00] - [2008-07-07 20:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-04 12:00] - [2004-08-04 12:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-04 12:00] - [2004-08-04 12:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-04 12:00] - [2009-02-09 10:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2004-08-04 12:00] - [2009-02-06 17:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE

Extra List:
=======
aswTdi(10) fssfltr(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) tcpipBM(9)
0x0A00000005000000010000000200000003000000040000000A00000009000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

Safc33 · 2013/03/23

C:\Program Files\SpywareQuake\uninst.exe Win32/Adware.SpywareQuake application
C:\Program Files\SysProtect Free\Activate.exe Win32/Adware.ErrorSafe application
C:\Program Files\SysProtect Free\USYP.exe Win32/Adware.SysProtect application
C:\Qoobox\Quarantine\C\WINDOWS\AppPatch\pcssy.bak1.vir Win32/Adware.Virtumonde.NEO application
C:\Qoobox\Quarantine\C\WINDOWS\AppPatch\pcssy.bak2.vir Win32/Adware.Virtumonde.NEO application
C:\Qoobox\Quarantine\C\WINDOWS\AppPatch\pcssy.ini.vir Win32/Adware.Virtumonde.NEO application
C:\Qoobox\Quarantine\C\WINDOWS\AppPatch\pcssy.tmp.vir Win32/Adware.Virtumonde.NEO application
C:\Qoobox\Quarantine\C\WINDOWS\AppPatch\pcssy.tmp2.vir Win32/Adware.Virtumonde.NEO application
C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\USYP_0001_N76M2004NetInstaller.exe.vir a variant of Win32/Adware.WinFixer application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1708\A0833033.tlb Win32/TrojanDownloader.Zlob.ME trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833096.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833097.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833098.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833099.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833100.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833101.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833102.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833103.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833104.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833105.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833106.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833107.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833108.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833109.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833110.dll Win32/Adware.SysProtect application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833111.dll Win32/Adware.SysProtect application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833112.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833113.dll Win32/BHO.NAC trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833114.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833115.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833116.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833117.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833118.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833119.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833120.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833121.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833122.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833123.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833124.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833125.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833126.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833127.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833128.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833129.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833130.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833131.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833132.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833133.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833134.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833135.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833136.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833137.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833138.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833139.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833140.dll Win32/BHO.NAH trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833141.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833142.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833143.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833144.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833145.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833146.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833147.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833148.dll Win32/BHO.NAH trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833149.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833150.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833151.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833152.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833153.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833154.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833155.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833156.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833157.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833158.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833159.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833160.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833161.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833162.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833163.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833164.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833165.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833166.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833167.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833168.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833169.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833170.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833171.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833172.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833173.exe Win32/Adware.ErrorSafe application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833174.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833175.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833176.dll Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833177.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833178.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833179.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833180.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833181.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833182.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833183.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833184.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833185.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833186.dll Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833187.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833188.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833189.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833190.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833191.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833192.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833193.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833194.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833195.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833196.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833197.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833198.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833199.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833200.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833201.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833202.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833203.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833204.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833205.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833206.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833207.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833208.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833209.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833210.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833211.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833212.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833213.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833214.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833215.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833216.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833217.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833218.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833219.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833220.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833221.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833222.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833223.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833224.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833225.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833226.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833227.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833228.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833229.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833230.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833231.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833232.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833233.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833234.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833235.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833236.dll Win32/Adware.SysProtect application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833237.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833238.dll Win32/Adware.SysProtect application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833239.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833240.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833241.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833242.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833243.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833244.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833245.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833246.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833247.exe Win32/Agent.NCH trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833248.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833249.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833250.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833251.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833252.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833253.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833254.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833255.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833256.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833257.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833258.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833259.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833260.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833261.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833262.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833263.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833264.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833265.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833266.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833267.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833268.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833269.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833270.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833271.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833272.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833273.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833274.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833275.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833276.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833277.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833278.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833279.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833280.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833281.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833282.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833283.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833284.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833285.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833286.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833287.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833288.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833289.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833290.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833291.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833292.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833293.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833294.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833295.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833296.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833297.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833298.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833299.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833300.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833301.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833302.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833303.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833304.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833305.exe Win32/Adware.WinFixer application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833306.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833307.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833308.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833309.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833310.exe Win32/Agent.NCH trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833311.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833312.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833313.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833314.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833315.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833316.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833317.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833318.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833319.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833320.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833321.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833322.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833323.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833324.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833325.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833326.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833327.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833328.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833329.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833330.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833331.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833332.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833333.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833334.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833335.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833336.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833337.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833338.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833339.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833340.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833341.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833342.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833343.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833344.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833345.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833346.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833347.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833348.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833349.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833350.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833351.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833352.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833353.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833354.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833355.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833356.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833357.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833358.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833359.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833360.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833361.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833362.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833363.dll Win32/Spy.VBStat.H trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833364.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833365.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833366.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833367.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833368.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833369.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833370.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833371.dll a variant of Win32/Adware.BHO.NJT application

Safc33 · 2013/03/23

C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833372.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833373.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833374.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833375.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833376.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833377.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833378.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833379.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833380.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833381.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833382.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833383.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833384.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833385.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833386.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833387.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833388.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833389.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833390.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833391.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833392.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833393.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833394.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833395.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833396.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833397.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833398.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833399.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833400.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833401.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833402.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833403.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833404.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833405.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833406.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833407.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833408.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833409.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833410.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833411.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833412.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833413.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833414.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833415.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833416.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833417.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833418.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833419.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833420.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833421.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833422.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833423.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833424.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833425.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833426.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833427.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833428.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833429.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833430.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833431.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833432.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833433.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833434.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833435.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833436.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833437.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833438.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833439.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833440.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833441.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833442.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833443.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833444.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833445.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833446.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833447.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833448.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833449.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833450.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833451.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833452.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833453.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833454.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833455.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833456.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833457.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833458.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833459.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833460.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833461.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833462.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833463.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833464.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833465.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833466.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833467.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833468.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833469.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833470.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833471.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833472.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833473.exe Win32/Agent.NCH trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833474.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833475.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833476.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833477.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833478.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833479.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833480.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833481.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833482.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833483.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833484.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833485.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833486.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833487.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833488.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833489.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833490.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833491.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833492.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833493.dll probably a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833494.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833495.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833496.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833497.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833498.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833499.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833500.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833501.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833502.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833503.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833504.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833505.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833506.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833507.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833508.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833509.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833510.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833511.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833512.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833513.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833514.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833515.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833516.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833517.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833518.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833519.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833520.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833521.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833522.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833523.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833524.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833525.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833526.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833527.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833528.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833529.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833530.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833531.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833532.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833533.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833534.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833535.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833536.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833537.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833538.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833539.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833540.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833541.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833542.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833543.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833544.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833545.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833546.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833547.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833548.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833549.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833550.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833551.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833552.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833553.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833554.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833555.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833556.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833557.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833558.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833559.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833560.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833561.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833562.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833563.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833564.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833565.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833566.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833567.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833568.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833569.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833570.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833571.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833572.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833573.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833574.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833575.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833576.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833577.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833578.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833579.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833580.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833581.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833582.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833583.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833584.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833585.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833586.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833587.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833588.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833589.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833590.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833591.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833592.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833593.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833594.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833595.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833596.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833597.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833598.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833599.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833600.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833601.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833602.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833603.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833604.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833605.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833606.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833607.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833608.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833609.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833610.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833611.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833612.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833613.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833614.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833615.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833616.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833617.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833618.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833619.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833620.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833621.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833622.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833623.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833624.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833625.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833626.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833627.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833628.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833629.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833630.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833631.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833632.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833633.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833634.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833635.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833636.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833637.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833638.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833639.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833640.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833641.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833642.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833643.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833644.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833645.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833646.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833647.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833648.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833649.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833650.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833651.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833652.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833653.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833654.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833655.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833656.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833657.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833658.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833659.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833660.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833661.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833662.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833663.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833664.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833665.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833666.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833667.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833668.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833669.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833670.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833671.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833672.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833673.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833674.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833675.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833676.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833677.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833678.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833679.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833680.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833681.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833682.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833683.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833684.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833685.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833686.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833687.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833688.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833689.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833690.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833691.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833692.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833693.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833694.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833695.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833696.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833697.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833698.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833699.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833700.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833701.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833702.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833703.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833704.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833705.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833706.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833707.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833708.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833709.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833710.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833711.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833712.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833713.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833714.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833715.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833716.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833717.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833718.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833719.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833720.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833721.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833722.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833723.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833724.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833725.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833726.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833727.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833728.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833729.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833730.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833731.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833732.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833733.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833734.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833735.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833736.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833737.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833738.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833739.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833740.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833741.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833742.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833743.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833744.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833745.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833746.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833747.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833748.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833749.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833750.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833751.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833752.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833753.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833754.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833755.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833756.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833757.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833758.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833759.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833760.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833761.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833762.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833763.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833764.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833765.dll a variant of Win32/BHO.G trojan

Safc33 · 2013/03/23

C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833766.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833767.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833768.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833769.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833770.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833771.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833772.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833773.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833774.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833775.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833776.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833777.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833778.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833779.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833780.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833781.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833782.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833783.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833784.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833785.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833786.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833787.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833788.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833789.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833790.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833791.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833792.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833793.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833794.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833795.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833796.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833797.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833798.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833799.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833800.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833801.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833802.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833803.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833804.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833805.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833806.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833807.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833808.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833809.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833810.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833811.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833812.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833813.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833814.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833815.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833816.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833817.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833818.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833819.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833820.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833821.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833822.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833823.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833824.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833825.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833826.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833827.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833828.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833829.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833830.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833831.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833832.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833833.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833834.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833835.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833836.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833837.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833838.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833839.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833840.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833841.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833842.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833843.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833844.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833845.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833846.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833847.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833848.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833849.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833850.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833851.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833852.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833853.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833854.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833855.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833856.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833857.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833858.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833859.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833860.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833861.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833862.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833863.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833864.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833865.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833866.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833867.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833868.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833869.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833870.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833871.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833872.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833873.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833874.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833875.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833876.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833877.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833878.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833879.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833880.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833881.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833882.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833883.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833884.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833885.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833886.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833887.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833888.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833889.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833890.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833891.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833892.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833893.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833894.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833895.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833896.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833897.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833898.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833899.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833900.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833901.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833902.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833903.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833904.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833905.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833906.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833907.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833908.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833909.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833910.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833911.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833912.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833913.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833914.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833915.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833916.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833917.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833918.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833919.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833920.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833921.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833922.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833923.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833924.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833925.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833926.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833927.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833928.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833929.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833930.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833931.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833932.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833933.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833934.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833935.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833936.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833937.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833938.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833939.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833940.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833941.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833942.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833943.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833944.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833945.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833946.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833947.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833948.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833949.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833950.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833951.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833952.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833953.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833954.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833955.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833956.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833957.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833958.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833959.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833960.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833961.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833962.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833963.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833964.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833965.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833966.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833967.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833968.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833969.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833970.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833971.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833972.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833973.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833974.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833975.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833976.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833977.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833978.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833979.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833980.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833981.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833982.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833983.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833984.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833985.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833986.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833987.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833988.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833989.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833990.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833991.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833992.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833993.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833994.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833995.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833996.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833997.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833998.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0833999.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834000.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834001.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834002.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834003.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834004.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834005.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834006.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834007.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834008.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834009.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834010.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834011.dll Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834012.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834013.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834014.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834015.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834016.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834017.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834018.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834019.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834020.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834021.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834022.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834023.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834024.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834025.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834026.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834027.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834028.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834029.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834030.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834031.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834032.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834033.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834034.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834035.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834036.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834037.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834038.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834039.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834040.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834041.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834042.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834043.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834044.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834045.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834046.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834047.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834048.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834049.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834050.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834051.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834052.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834053.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834054.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834055.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834056.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834057.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834058.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834059.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834060.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834061.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834062.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834063.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834064.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834065.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834066.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834067.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834068.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834069.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834070.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834071.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834072.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834073.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834074.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834075.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834076.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834077.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834078.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834079.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834080.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834081.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834082.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834083.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834084.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834085.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834086.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834087.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834088.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834089.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834090.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834091.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834092.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834093.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834094.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834095.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834097.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834098.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834099.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834100.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834101.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834102.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834103.dll a variant of Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834104.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834105.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834106.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834107.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834108.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834109.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834110.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834111.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834112.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834113.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834114.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834115.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834116.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834117.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834118.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834119.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834120.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834121.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834122.dll Win32/Spy.VBStat.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834123.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834124.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834125.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834126.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834127.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834128.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834129.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834130.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834131.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834132.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834133.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834134.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834135.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834136.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834137.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834138.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834139.dll Win32/Adware.BHO.NAW application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834140.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834141.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834142.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834143.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834144.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834145.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834146.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834147.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834148.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834149.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834150.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834151.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834152.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834153.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834154.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834155.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834156.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834157.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834158.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834159.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834160.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834161.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834162.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834163.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834164.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834165.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834166.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834167.exe Win32/Agent.BCK trojan

Safc33 · 2013/03/23

C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834168.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834169.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834170.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834171.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834172.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834173.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834174.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834175.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834176.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834177.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834178.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834179.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834180.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834181.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834182.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834183.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834184.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834185.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834186.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834187.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834188.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834189.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834190.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834191.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834192.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834193.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834194.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834195.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834196.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834197.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834198.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834199.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834200.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834201.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834202.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834203.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834205.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834206.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834207.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834208.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834209.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834210.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834211.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834212.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834213.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834214.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834215.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834216.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834217.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834218.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834219.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834220.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834221.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834222.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834223.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834224.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834225.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834226.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834227.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834228.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834229.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834230.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834231.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834232.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834233.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834234.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834235.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834236.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834237.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834238.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834239.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834240.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834241.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834242.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834243.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834244.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834245.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834246.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834247.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834248.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834249.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834250.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834251.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834252.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834253.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834254.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834255.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834256.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834257.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834258.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834259.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834260.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834261.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834262.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834263.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834264.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834265.exe Win32/Adware.Toolbar.SearchColours application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834266.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834267.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834268.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834269.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834270.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834271.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834272.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834273.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834274.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834275.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834276.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834277.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834278.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834279.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834280.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834281.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834282.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834283.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834284.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834285.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834286.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834287.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834288.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834289.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834290.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834292.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834293.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834294.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834295.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834296.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834297.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834298.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834299.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834300.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834301.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834302.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834303.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834304.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834305.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834306.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834307.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834308.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834309.dll Win32/Adware.BHO.V application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834310.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834311.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834312.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834313.dll Win32/BHO.BD trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834314.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834315.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834316.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834317.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834318.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834319.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834320.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834321.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834322.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834323.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834324.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834325.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834326.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834327.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834328.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834329.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834330.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834331.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834332.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834333.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834334.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834335.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834336.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834337.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834338.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834339.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834340.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834341.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834342.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834343.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834344.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834345.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834346.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834347.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834348.dll a variant of Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834349.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834350.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834351.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834352.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834353.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834354.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834355.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834356.exe Win32/Adware.Ezula application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834357.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834358.dll Win32/Spy.VBStat.J trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834359.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834360.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834361.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834362.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834363.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834364.dll a variant of Win32/Adware.BHO.NJT application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834365.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834366.exe Win32/Agent.BCK trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834368.sys Win32/Agent.NBZ trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834369.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834370.dll a variant of Win32/Adware.Virtumonde.NAG application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834371.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834372.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834373.dll Win32/BHO.G trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834374.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834375.dll Win32/Adware.Virtumonde application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834376.dll Win32/Adware.Virtumonde.KI application
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1709\A0834377.exe a variant of Win32/Kryptik.OKF trojan
C:\System Volume Information\_restore{F78F8A83-E814-4891-ADC2-3C4DC1A79D6F}\RP1710\A0834487.ini Win32/Adware.Virtumonde.NEO application
C:\WINDOWS\system32\1024\ld6F1B.tmp a variant of Win32/Hoax.Renos application
C:\WINDOWS\system32\1024\ld7E2F.tmp a variant of Win32/TrojanDownloader.Zlob trojan
C:\WINDOWS\system32\1024\ldACC1.tmp a variant of Win32/TrojanDownloader.Zlob trojan
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ackobres.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\adfstgaq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\aekmbwon.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\aeyjljbc.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ahivoyhr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\aifbejlv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ajamhiap.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\alenuyuy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\amewmqhv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\aoasuluc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\apvatxll.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\apviramj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\apylplmw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\asywrbww.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\atowpvbn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\atxamgnd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\auqwmbos.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\avnjdmxw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\awsvkoel.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\awvyftaq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\axufuprb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\aylutcsu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bdehgrda.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bdlcrfcl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bhnlnsoo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bjihmqbw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bjloivdb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bkmpppnp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bmmgttdx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bmonkprq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bnpnwshe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\brwnuwnx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bsdexixf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bskpmpwx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\btgdaxrp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bvllsbax.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bvswqckf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bvvpspss.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bwbdaadg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bweiywli.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bwloyqmv.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bwtikxqi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\bxfmbgxm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ccdtlrab.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cegfbdub.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cernslvj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cfhwssxw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\chljogry.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cigfmlbs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ciikunln.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cjjesvyg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ckhpjwwk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ckvbumly.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\clacpnfc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cnfqhamb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cnjbmclp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\coetxudp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cppsqmlb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cqnxecsq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\crkhujvh.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\csebqxoq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\csxoaroq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ctrwvexd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cuvfaihj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cvvkkkxr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\cwyblfxo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\davlqvjo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dchtgoju.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dfyvqdae.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dggwptri.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dinhurck.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\diueiwnw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\divkahcm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dlufyqwh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dpnhsxve.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dppgeddx.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dpsfdgud.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\drcfmiab.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dreeuoba.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\drefundh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\drwlbgfy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dskktway.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dtunqnks.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dtvlxtmw.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\duwngmag.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dvkjanjo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\dyuddxyx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ebamvngc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ebidggkh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\egaobntd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ehcyodiu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eikjehdh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ekfslnxi.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eknklsxv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ellskjxr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eltlxrbu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\emdstyoq.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ennktskk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\envifavf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eoghdqlr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eoiimyno.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eondjjan.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\epmkfimh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eqjnkvac.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eqxrmnvx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\eqxsiutb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\euhqroyc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\evbmywxq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fbqchkkk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fbwvyypk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fdutcxuc.exe Win32/Agent.NBZ trojan
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ffibsida.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ffkkdwmd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fhblenax.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fidfswot.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fiofgoes.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fiusoayb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fjggjvbc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\flajdlpm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fmysdisc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fpqsdrkc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fqnqvhfp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ftgwsemq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\futyhbqq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fvlxghxj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fvnikfmt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fypwvnbv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\fyukgahn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gbehnijn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gbjftmwi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gctbgsau.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gcykqism.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gdchpetp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gdikwyry.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gjtjrnfo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gjwiearc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gjxtjqen.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\glxxiwyq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gmbfmgul.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gmnnltvu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gnwmxcsx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gnyskrmm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gqypekok.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\grfqpsye.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\grrgfmqb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gskafhrd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gvfumirh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\gxpteunv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hakmvkwk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\handyjep.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hasqupao.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hbmflpfi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hcsulola.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hcvveofo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hdtnddpl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hfdbsdvm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hfwcnbue.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hhwyrrtj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hihhfmks.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hjwefpyb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hkfpkfkm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hmbshuvl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hnxbqnrk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hophpdvf.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hpwmwpar.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hqhomqxg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\htdpybac.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\htjndhlw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hyjgtxli.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\hyvbfnwj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\igfplclt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ihswfrdy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\iitdcgdh.ini Win32/Adware.Virtu

Safc33 · 2013/03/23

monde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ilnypixy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\imarqatm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\imvmpvwi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\iosaeydy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ipgglolo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ipntcrsi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\iqdfugyu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\iqjfmaur.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\irvursei.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\isghesfs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\iuduoekv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ixhcevfi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jbarfigv.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jdkfwgox.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jelrtjdh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jeornimo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jfeaogas.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jgdrtdlt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jixbcllo.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jmhuvcxl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jnfkjkqy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jnichhhs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jqruyobe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jrcgmofb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jtbhuuun.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jtdkthhc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jvfuokro.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jxhdkxuf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jyetvfrh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jykmblbe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\jypmqrnu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kbepgkew.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\keryyesm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\khgkotsn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kiueipic.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kiydqbrd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kjblablj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kjgbpdgh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kkqaaqyd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\klwcrypi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kmhagxeb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kmpjwkyq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kmvmlcxq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\knaeqjbh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\koawwmmr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kqeyvfmu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ksvhwdom.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ksyhvqtx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ktvqsobt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kutuimpw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kuveobab.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kuxxgaif.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kwestipt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\kwkdwoby.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lagjwppo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\laiuyeqg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lbsknfkn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lctbeymw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lflnleri.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lfxcvigq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lgqkvpfw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lhqhhxrx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lkfuvkwj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lkxhnypo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lnjfjamu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lnkmrwlw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lnslknic.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lnwfhkcc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lpnnmlhx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lqadlcit.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lqhdkgmr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ludvmuof.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lvjgfwxv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\lxuewwhh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mbisqfil.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mdjssfby.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mesxxlcg.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mfkgttgb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mikhiiif.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mixejfyl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mjalkhqo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mjediwqy.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mkwemagd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mmgknqba.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mnxlwxdo.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mpawdquf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mpwyjubr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mqdjussc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mqwmxeyx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mrbtymeu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\msmqtxsy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mutwmqcx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mvhnydpu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mvsfoskl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mwvhgtbu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mxfeqfnc.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\myaavlwv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\mybtxcvs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ncumcgvn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nfmslnqa.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nfqcxsaw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nfsblpxt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ngbyolnn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ngrjvvmm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\njnynkix.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nkuesvaj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nlfjtdci.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\novwrckl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\noyjvxpr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nphwsvpb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nqvtweks.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nrmdfkyx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nroeakcs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nrpwynkj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nsdkyxvn.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ntgulina.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nthwtmij.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nueoeuil.dll a variant of Win32/Adware.BHO.NJT application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nurwnxhj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nveulujq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nwdknoan.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nwqxtpue.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nxefyfse.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\nyxumjnx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\oaahyepi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\oaeonysm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\oaevorcr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\oasibsck.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\obasefwm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\oerqibhb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ogfvxphe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ogveclmr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ogxfkded.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ohihgnly.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ojcuugso.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\onanrjhp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\opxdthaf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\orjfgikt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\otttleav.exe Win32/Agent.NBZ trojan
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ovkonahw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\owpsncmx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\papsmnhm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pbabaphg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pbpwuugj.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pelkxsti.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pessqnma.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pfnfidgn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pfwlxibx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\phmlfecl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pibtdslq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pjcuspnk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pjmpvbht.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pkmpctsw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\plsyfuxx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pnhmvguh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\podrtphs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ppestubj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pqixwbrj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\proxytsv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\puoxllna.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pvmppqko.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pxdxgrha.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\pxlbntcf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qawotigk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qbbpbgoi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qcivbcsv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qddmkdvy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qdoaawrk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qedhkqob.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qfgvhwec.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qhmfxpgw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qjsyfeuh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qkcidsaf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qlamxuhe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qlxgrqpn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qpxsavhi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qrxjitxn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qsgxokiq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qsvtxwtg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qsxjmktq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qutctluu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qwcdlqif.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qwesfuln.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qwrcywli.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\qxnpajkn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\raposqgr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rbkkmveh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rcecttan.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rcsewman.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rddlbqev.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\reayoipa.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\repgwisx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\revoofla.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rfglgrum.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rftpdprp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rkhmrfgu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rmhpgumm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rmrgckhc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rmryslvi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rmxgimwe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rocgiihf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rpykiwud.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rsycdpsq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rtahypaf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\rueubxbj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ruryrrai.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\sbsihhnr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\scbiijop.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\scirvegq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\selatplw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\sgsiekhe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\sieivpam.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\sjslgdvk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\slfhyrkp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\slqlvhmi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\smbyjlur.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\smxnhdjc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\sokphfym.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\srkskqat.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\srycruqv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\stygxsxc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\suhubkru.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\svcsldrt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\svotfhny.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\swbanxve.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\swbmrbex.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\swpetqlt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\sxbuudgg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\sxjeqfwp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tbaharpu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tbksbwdq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tehittam.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\thyopxit.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tibnrwtf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tjdwncbj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tjsepsux.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tjtmviuw.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tktocnxh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tmvyepsi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tomyvlti.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tpqcdvyg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tqrigvbs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\trbfkthn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\trhfwymu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\trylmtcy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tsfohbmd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ttlywcpo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tuegbbko.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\twepaeuv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\txoajgxy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\tyymmrky.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uadkalgf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ualfsfej.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uapgnyrm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ubsowiau.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\udkormth.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\udqeelpa.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\udrswhkj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uejugudi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uerlxrjr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ugfojmos.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uhxeacax.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uihbopbj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ujrnhfkb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ulaamkda.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\umasbuvt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\umbsiqps.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\umcitunx.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\umehcbhp.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\umxkkyhl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uocwkomv.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\upitknwt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\upvtgmbu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uqpdxwkq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\urvlqxsu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\usdxylrl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uuolotti.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\uyipxhph.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vbgtlatt.dll a variant of Win32/Adware.BHO.NJT application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vcbanxuv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vcerimae.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vcstlnwj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vcvirxaj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vdnoiumh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vdxdywtt.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vhkwjefr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vivqalwh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vlpxmaak.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vmekripc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vnarbsgj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vocspplv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vrbalufi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vrqcsxoe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vskctjuo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vtxfviqs.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vuclpoat.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vugilhsa.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vujemfll.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vwqhwcjd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vxdkwtti.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\vytbadgl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\watctigk.exe Win32/Adware.Ezula application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wbxoapra.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wdqqrdab.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wduksyna.dll Win32/Adware.BHO.V application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wftcgsll.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wgoegmfo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wgvtaviq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wigkglrk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\winljwqn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wjhyykxi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wmeccxnl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wmemkyra.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wobnqonr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wovkwgds.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wovkwgds.ini2 Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wpfmnknr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wpkofddm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wqpdayew.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wrgpvqra.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wrhurjfb.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wthmdkfy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wtkmdbow.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wuhohiua.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wxowecdn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wyeenxge.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\wyyjksux.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xaifdlok.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xaklcwou.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xaolnlur.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xbgjylxr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xcxinmcm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xffocalk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xfqxrhyo.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xggubfma.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xgodyspe.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xhlwtoen.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xjagqvds.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xjvakldj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xjyiapdc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xkgokncf.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xmpbwexk.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xmrpfchd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xnlmypdy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xnugpdsa.exe Win32/Agent.NBZ trojan
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xnxbecfc.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xoeycrad.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xqcrnpro.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xshyxqhu.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xtpoatlg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xvsijdlm.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xwoownsq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xwplbgtd.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xxpvcyln.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\xxulcfqi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ybgidlqr.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ybpjcoum.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ycdxjgao.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ycqjofvl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yetqnvbn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yewilobj.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yfppuydl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ygffghwg.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ygppwbvy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yhbrsohy.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yhncivvh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yjhlxasi.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ykwsikkh.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yldngdah.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ymvmjsms.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ymyftmsq.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ynjrskfl.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ytynpfkn.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yvbtikpv.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ywkimhje.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\ywnucpol.ini Win32/Adware.Virtumonde.NEO application
C:\_OTL\MovedFiles\11232012_180837\C_WINDOWS\system32\yycnctwn.ini Win32/Adware.Virtumonde.NEO application
sorry i took so long that last scan took over 3 hours and produced a report with over 20k characters

broni · 2013/03/23

We need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.

Accept any prompts.

Do NOT post JavaRa log.

====================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following:
Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]
Then click the Run Fix button at the top

Let the program run unhindered, reboot the PC when it is done

Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

Double-click OTL.exe to start the program.

Close all other programs apart from OTL as this step will require a reboot

On the OTL main screen, press the CLEANUP button

Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current (Service Pack 3!!!)

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.

Safc33 · 2013/03/23

thanks agian, just trying to download JavaRa but it keeps coming up with Internet Explorer cannot display the webpage, is this becuase im trying to do it on the infected computer? or not? i can get on a clean computer later so if i dont get a reply i will just try later but just making sure i havnt done something simple wrong first.
Thanks again

broni · 2013/03/23

Uploaded JavaRa for you here: http://www.sendspace.com/file/zogbg7

Safc33 · 2013/03/23

Sorry again but JavaRa keeps closing and saying JavaRa has encounters a problem and needs to close, anything I can do?

broni · 2013/03/23

Go to Add\Remove and uninstall:

Java(TM) 6 Update 35
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Java 2 Runtime Environment, SE v1.4.2_03

NOTE. Some of the above may not be listed. When trying to uninstall some others you may encounter an error. That's normal. Uninstall what you can.

Safc33 · 2013/03/23

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Philip Green
->Temp folder emptied: 33735835 bytes
->Temporary Internet Files folder emptied: 48572919 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 2408 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 146672962 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 219.00 mb

[EMPTYFLASH]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

User: Philip Green
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService
->Java cache emptied: 0 bytes

User: Philip Green
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 03232013_183301

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Philip Green\Local Settings\Temp\~DF98DD.tmp not found!
File\Folder C:\Documents and Settings\Philip Green\Local Settings\Temp\~DFAD1C.tmp not found!
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\X7SC4WBQ\sky_bold[1].eot moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\X7SC4WBQ\sky_medium[1].eot moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\HMQZC07M\105052-active-internet-explorer-randomly-closing-3[1].html moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\HMQZC07M\sky_regular[1].eot moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\FDREX6ZV\expuk[1].gif moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\FDREX6ZV\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\FDREX6ZV\like[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\FDREX6ZV\p-01-0VIaSjnOLg[1].gif moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\FDREX6ZV\visitormatch[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\7NO8WBKM\xd_arbiter[1].htm moved successfully.
C:\Documents and Settings\Philip Green\Local Settings\Temporary Internet Files\Content.IE5\7NO8WBKM\xd_arbiter[2].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
computer is running well, still need to delete everything off it but need to leave the house so will do that tomorrow, again thanks for all the help

broni · 2013/03/23

Way to go!!
Good luck and stay safe

Log in or Sign up

Solved internet explorer randomly closing

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Log in or Sign up

Solved internet explorer randomly closing

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Safc33 Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Useful Searches