Tech Support Forum - View Single Post - onlinegames.gen & heuri-e

**LYT4X** · 10-14-2007, 06:01 AM

The only problem encountered was at stage 7 of the combofix procedure which gave a warning of:

The instruction at 0x004106ac referenced memory at 0x003d7000. Memory could not be read. (I just clicked OK)

Fresh Hijack, kaspersky & Combofix logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:00:08, on 14/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.belmont-coms.com/acatalog
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PTHOSTTR] "C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" /Start
O4 - HKLM\..\Run: [SetRefresh] "C:\Program Files\Compaq\SetRefresh\SetRefresh.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O15 - Trusted Zone: http://www.belmont-coms.com
O15 - Trusted Zone: http://london.city-link.co.uk
O15 - Trusted Zone: http://www.city-link.co.uk
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/micr...?1180686731453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1180686695046
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 6177 bytes

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, October 14, 2007 12:57:41 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 14/10/2007
Kaspersky Anti-Virus database records: 435747
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan Statistics:
Total number of scanned objects: 67443
Number of viruses found: 64
Number of infected objects: 477
Number of suspicious objects: 2
Duration of the scan process: 00:45:40

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012007101420071015\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEBC7.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEBD9.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinOnLineGamesbkz.zip/upxdnd.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinOnLineGamesbkz.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\itouch_crash_info.txt Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\cfdvpa.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\chrghj.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ehuxlg.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\fytxwo.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ghowkw.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\jielaz.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\nhcrgk.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ochtul.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\qyeksq.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\rrijtj.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\xbdooe.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ykqkqs.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\RECYCLER\S-1-5-21-2030513083-3109868045-3710038803-500\Dc2.zip/sxwjyq.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\RECYCLER\S-1-5-21-2030513083-3109868045-3710038803-500\Dc2.zip/zauowa.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\RECYCLER\S-1-5-21-2030513083-3109868045-3710038803-500\Dc2.zip ZIP: infected - 2 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\tracking.log Object is locked skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040977.DLL Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040979.EXE Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040980.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040981.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040982.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040984.dll Infected: Trojan-PSW.Win32.OnLineGames.eea skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040985.dll Infected: Trojan-PSW.Win32.OnLineGames.edm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040987.dll Infected: Trojan-PSW.Win32.OnLineGames.edo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040988.dll Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040989.dll Infected: Trojan-PSW.Win32.OnLineGames.eec skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040990.dll Infected: Trojan-PSW.Win32.OnLineGames.elh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040991.dll Infected: Trojan-PSW.Win32.OnLineGames.eat skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040992.dll Infected: Trojan-PSW.Win32.Nilage.bqn skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040993.dll Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040994.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040996.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040997.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040998.exe Infected: Trojan-PSW.Win32.Nilage.bqn skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041005.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041006.exe Infected: Trojan-PSW.Win32.OnLineGames.edp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041007.exe Infected: Trojan-PSW.Win32.OnLineGames.eeb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041008.exe Infected: Trojan-PSW.Win32.OnLineGames.edn skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041009.exe Infected: Trojan-PSW.Win32.OnLineGames.edd skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041040.exe Infected: Trojan-PSW.Win32.OnLineGames.eed skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041041.exe Infected: Trojan-PSW.Win32.OnLineGames.eat skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041042.DLL Infected: Trojan-PSW.Win32.Lmir.bna skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041043.exe Infected: Trojan-PSW.Win32.Lmir.bna skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041044.dll Infected: Trojan-PSW.Win32.OnLineGames.elu skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041045.exe Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041046.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP299\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP299\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP299\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041054.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041055.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041056.exe Infected: Trojan-PSW.Win32.OnLineGames.ejz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041057.dll Infected: Trojan-PSW.Win32.OnLineGames.ekz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041058.exe Infected: Trojan-PSW.Win32.OnLineGames.elw skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041059.dll Infected: Trojan-PSW.Win32.OnLineGames.elw skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041060.exe Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041061.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041062.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041063.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041064.dll Infected: Trojan-PSW.Win32.OnLineGames.eoi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041065.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041066.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041067.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041068.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041069.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041070.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041071.exe Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041072.dll Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041073.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041074.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041075.dll Infected: Trojan-PSW.Win32.OnLineGames.elu skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041076.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041077.EXE Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041080.dll Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041081.dll Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041082.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041104.DLL Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041108.DLL Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041109.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041110.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041111.EXE Infected: Trojan-PSW.Win32.OnLineGames.elk skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041112.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041113.DLL Infected: Trojan-PSW.Win32.OnLineGames.eph skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041114.DLL Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041115.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041116.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041117.dll Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041118.dll Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041119.dll Infected: Trojan-PSW.Win32.OnLineGames.elw skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041120.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041121.dll Infected: Trojan-PSW.Win32.OnLineGames.eoi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041122.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041123.dll Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041124.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041125.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041128.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041129.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041130.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041131.EXE Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041137.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041138.exe Infected: Trojan-PSW.Win32.OnLineGames.elw skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041139.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041140.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041141.exe Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041142.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041143.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041144.exe Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041145.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041146.dll Infected: Trojan-PSW.Win32.OnLineGames.elu skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041147.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041148.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041170.EXE Infected: Trojan-PSW.Win32.OnLineGames.elk skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041221.EXE Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041222.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041223.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041224.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041225.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041226.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041227.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041228.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041229.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041230.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041231.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041232.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041233.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041234.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041235.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041236.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-4.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042255.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042256.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042257.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042258.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042259.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042260.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042261.EXE Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042483.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042484.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042486.dll Infected: Trojan-Proxy.Win32.Agent.lv skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042490.DLL Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042493.EXE Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042498.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042499.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042500.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042501.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042502.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042503.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042504.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042505.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042506.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042507.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042508.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042509.exe Infected: Trojan-PSW.Win32.OnLineGames.dkt skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042511.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042512.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042513.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042514.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042515.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042516.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042517.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042518.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042519.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042520.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042521.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042522.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042523.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042524.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042526.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042531.DLL Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042532.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042533.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042534.EXE Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042535.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042536.DLL Infected: Trojan-PSW.Win32.OnLineGames.eph skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042537.DLL Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042538.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042539.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042540.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042541.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042542.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042544.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042545.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042546.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042548.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042549.exe Infected: Trojan-PSW.Win32.OnLineGames.dkt skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042550.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042552.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042554.EXE Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042559.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042560.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042561.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042562.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042563.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042564.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042565.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042566.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042567.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042568.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042569.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042570.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042838.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042839.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042840.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042841.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042842.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042844.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042845.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042846.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042847.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042849.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042850.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042868.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042907.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042909.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042911.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042913.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042915.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042919.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042921.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042923.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042924.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042929.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042949.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042952.DLL Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042973.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042978.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042980.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042982.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042984.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042988.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042989.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042990.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042994.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042996.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042998.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043000.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043022.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043024.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043028.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043029.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043031.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043032.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043033.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043035.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043036.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043037.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043064.dll Infected: Trojan-PSW.Win32.OnLineGames.eyv skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043068.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043069.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043070.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043072.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043073.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043074.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043075.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043076.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043078.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043080.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043110.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043111.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043113.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043116.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043195.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043196.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043197.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043198.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043199.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043200.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043201.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043202.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043203.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043204.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043205.dll Infected: Trojan-PSW.Win32.OnLineGames.dyo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043206.exe Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043207.exe Infected: Trojan-PSW.Win32.OnLineGames.erm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043208.exe Infected: Trojan-PSW.Win32.OnLineGames.erm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043209.exe Infected: Trojan-PSW.Win32.OnLineGames.erm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043210.exe Infected: Trojan-PSW.Win32.OnLineGames.fau skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043211.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043212.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043213.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043214.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043215.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043216.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043217.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043218.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043219.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043220.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043221.exe Infected: Trojan-PSW.Win32.OnLineGames.ezx skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043222.exe Infected: Trojan-PSW.Win32.OnLineGames.ezv skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043223.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043224.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043225.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043226.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043227.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043228.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043229.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043230.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043231.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043232.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043233.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043234.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043236.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043237.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043238.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043239.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043240.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043241.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043242.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043243.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043244.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043245.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043246.exe Infected: Trojan-PSW.Win32.OnLineGames.ezz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043247.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043248.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043249.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043250.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043251.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043252.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043253.exe Infected: Trojan-PSW.Win32.OnLineGames.eyy skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043254.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043255.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043256.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043257.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043258.exe Infected: Trojan-PSW.Win32.OnLineGames.eyu skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043259.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043260.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043261.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043262.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043263.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043264.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043265.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043266.exe Infected: Trojan-PSW.Win32.OnLineGames.eyu skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043267.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043268.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043269.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043270.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043271.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043272.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043273.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043274.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043275.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043276.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043277.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043279.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043280.DLL Infected: Virus.Win32.AutoRun.pz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043297.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043298.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043299.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043300.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043363.EXE Infected: Trojan-Downloader.Win32.Agent.eay skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043365.DLL Infected: Trojan-Downloader.Win32.Agent.eay skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043381.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043382.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043383.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043385.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043509.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043510.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043515.DLL Infected: Trojan-Downloader.Win32.Agent.eay skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043527.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043528.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043529.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043530.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043559.dll Infected: Trojan-Proxy.Win32.Agent.lv skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043560.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043561.EXE Infected: Trojan-Downloader.Win32.Agent.eay skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043562.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043563.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043564.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043565.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043574.exe Infected: Trojan-PSW.Win32.OnLineGames.egt skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043575.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043577.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043578.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043579.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043580.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043581.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043582.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043583.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043584.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043585.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043586.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043587.dll Infected: Trojan-PSW.Win32.OnLineGames.ezx skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043588.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043589.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043590.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043591.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043592.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043593.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043594.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043595.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043596.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043597.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043598.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043599.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043600.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043601.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043602.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043603.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043604.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043605.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043606.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043607.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043608.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043609.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043610.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043611.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043612.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043613.dll Infected: Trojan-PSW.Win32.OnLineGames.ezv skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043614.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043615.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043616.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043617.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043618.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043619.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043620.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043621.dll Infected: Trojan-PSW.Win32.OnLineGames.eea skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043622.dll Infected: Trojan-PSW.Win32.OnLineGames.eea skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043623.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043624.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043625.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043626.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043627.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043628.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043629.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043630.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043631.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043632.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043633.dll Infected: Trojan-PSW.Win32.OnLineGames.edm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043634.dll Infected: Trojan-PSW.Win32.OnLineGames.fbo skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043635.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043636.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043637.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043638.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043639.dll Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043640.dll Infected: Trojan-PSW.Win32.OnLineGames.elw skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043641.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043642.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043643.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043644.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043645.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043646.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043647.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043648.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043649.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043650.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043651.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043652.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043654.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043655.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043656.dll Infected: Trojan-PSW.Win32.OnLineGames.ezz skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043658.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043659.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043660.dll Infected: Trojan-PSW.Win32.OnLineGames.eyv skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043665.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043827.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043967.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043968.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043969.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043970.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043971.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043972.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043973.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043974.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043976.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043977.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043978.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043979.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped
C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\change.log Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

ComboFix 07-10-14.1 - Administrator 2007-10-14 11:36:50.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1638 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt
* Created a new restore point

FILE::
C:\WINDOWS\system32\80FEE47E.EXE
C:\WINDOWS\system32\cfdvpa.dll
C:\WINDOWS\system32\chrghj.dll
C:\WINDOWS\system32\ehuxlg.dll
C:\WINDOWS\system32\fytxwo.dll
C:\WINDOWS\system32\ghowkw.dll
C:\WINDOWS\system32\jielaz.dll
C:\WINDOWS\system32\mhsha1.dat
C:\WINDOWS\system32\nhcrgk.dll
C:\WINDOWS\system32\ochtul.dll
C:\WINDOWS\system32\poaywc.dll
C:\WINDOWS\system32\qyeksq.dll
C:\WINDOWS\system32\rrijtj.dll
C:\WINDOWS\system32\xbdooe.dll
C:\WINDOWS\system32\ykqkqs.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\cfdvpa.dll
C:\WINDOWS\system32\chrghj.dll
C:\WINDOWS\system32\ehuxlg.dll
C:\WINDOWS\system32\fytxwo.dll
C:\WINDOWS\system32\ghowkw.dll
C:\WINDOWS\system32\jielaz.dll
C:\WINDOWS\system32\mhsha1.dat
C:\WINDOWS\system32\nhcrgk.dll
C:\WINDOWS\system32\ochtul.dll
C:\WINDOWS\system32\poaywc.dll
C:\WINDOWS\system32\qyeksq.dll
C:\WINDOWS\system32\rrijtj.dll
C:\WINDOWS\system32\SHQ.DLL
C:\WINDOWS\system32\sxwjyq.dll
C:\WINDOWS\system32\xbdooe.dll
C:\WINDOWS\system32\ykqkqs.dll
C:\WINDOWS\system32\zauowa.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_1E3F603C
-------\1E3F603C

((((((((((((((((((((((((( Files Created from 2007-09-14 to 2007-10-14 )))))))))))))))))))))))))))))))
.

2007-10-14 11:08 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-12 14:16 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-10-12 09:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-10-12 09:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-10-12 09:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-10-12 09:41 163,128 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2007-10-12 09:41 23,864 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2007-10-12 09:41 21,816 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2007-10-12 09:41 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
2007-10-12 09:40 <DIR> d-------- C:\Program Files\Webroot
2007-10-12 09:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2007-10-12 09:40 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Webroot
2007-10-12 09:40 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Webroot
2007-10-12 09:40 1,521,464 --a------ C:\WINDOWS\WRSetup.dll
2007-10-12 09:35 164 --a------ C:\install.dat
2007-10-10 19:09 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-10 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-10 10:25 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-10-10 09:00 582,656 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-09-17 17:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2007-09-15 15:03 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-09-15 15:01 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-09-15 15:01 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-03 13:46 --------- d-----w C:\Program Files\DesignPro
2007-10-01 08:35 --------- d-----w C:\Documents and Settings\Administrator\Application Data\MailWasherPro
2007-10-01 08:35 --------- d-----w C:\Documents and Settings\Administrator\Application Data\MailWasherPro
2007-09-19 11:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
.

((((((((((((((((((((((((((((( snapshot@2007-10-14_11.11.18.23 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-14 09:51:55 41,292 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-10-14 10:35:20 41,292 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-10-14 09:51:55 315,282 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-10-14 10:35:20 315,282 ----a-w C:\WINDOWS\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-04-05 15:22]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-04-05 15:19]
"RTHDCPL"="RTHDCPL.EXE" [2005-03-08 13:26 C:\WINDOWS\RTHDCPL.EXE]
"PTHOSTTR"="C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2005-10-04 23:23]
"SetRefresh"="C:\Program Files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 19:01]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2003-12-01 11:38]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 10:50 C:\WINDOWS\LOGI_MWX.EXE]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2006-01-12 20:52]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-01 09:44]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe [2006-08-30 18:45:59]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders rpasspc.dll, msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AClntUsr]
C:\Program Files\Aclient\AClntUsr.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSysM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AClient"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"High Definition Audio Property Page Shortcut"=HDAShCut.exe
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"Persistence"=C:\WINDOWS\system32\igfxpers.exe

R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS
R2 CommSBEP;CommSBEP;C:\WINDOWS\system32\drivers\CommSBEP.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12

.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-14 11:40:54
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-14 11:41:53 - machine was rebooted
C:\ComboFix2.txt ... 2007-10-14 11:11
.
--- E O F ---

10-14-2007, 06:01 AM	#8 (permalink)
LYT4X I helped the forums. Join Date: Oct 2007 Location: Scotland Posts: 33 OS: XP Pro SP2	Re: onlinegames.gen & heuri-e The only problem encountered was at stage 7 of the combofix procedure which gave a warning of: The instruction at 0x004106ac referenced memory at 0x003d7000. Memory could not be read. (I just clicked OK) Fresh Hijack, kaspersky & Combofix logs: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:00:08, on 14/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.belmont-coms.com/acatalog R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [PTHOSTTR] "C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" /Start O4 - HKLM\..\Run: [SetRefresh] "C:\Program Files\Compaq\SetRefresh\SetRefresh.exe" O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O15 - Trusted Zone: http://www.belmont-coms.com O15 - Trusted Zone: http://london.city-link.co.uk O15 - Trusted Zone: http://www.city-link.co.uk O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/micr...?1180686731453 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1180686695046 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- End of file - 6177 bytes ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Sunday, October 14, 2007 12:57:41 PM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 14/10/2007 Kaspersky Anti-Virus database records: 435747 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ Scan Statistics: Total number of scanned objects: 67443 Number of viruses found: 64 Number of infected objects: 477 Number of suspicious objects: 2 Duration of the scan process: 00:45:40 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012007101420071015\index.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temp\hpodvd09.log Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEBC7.tmp Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temp\~DFEBD9.tmp Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Administrator\ntuser.dat Object is locked skipped C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinOnLineGamesbkz.zip/upxdnd.exe Suspicious: Password-protected-EXE skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinOnLineGamesbkz.zip ZIP: suspicious - 1 skipped C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\itouch_crash_info.txt Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\system32\cfdvpa.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\qoobox\Quarantine\C\WINDOWS\system32\chrghj.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\qoobox\Quarantine\C\WINDOWS\system32\ehuxlg.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\qoobox\Quarantine\C\WINDOWS\system32\fytxwo.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\qoobox\Quarantine\C\WINDOWS\system32\ghowkw.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\qoobox\Quarantine\C\WINDOWS\system32\jielaz.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\qoobox\Quarantine\C\WINDOWS\system32\nhcrgk.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\qoobox\Quarantine\C\WINDOWS\system32\ochtul.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\qoobox\Quarantine\C\WINDOWS\system32\qyeksq.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\qoobox\Quarantine\C\WINDOWS\system32\rrijtj.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\qoobox\Quarantine\C\WINDOWS\system32\xbdooe.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\qoobox\Quarantine\C\WINDOWS\system32\ykqkqs.dll.vir Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\RECYCLER\S-1-5-21-2030513083-3109868045-3710038803-500\Dc2.zip/sxwjyq.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\RECYCLER\S-1-5-21-2030513083-3109868045-3710038803-500\Dc2.zip/zauowa.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\RECYCLER\S-1-5-21-2030513083-3109868045-3710038803-500\Dc2.zip ZIP: infected - 2 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\tracking.log Object is locked skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040977.DLL Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040979.EXE Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040980.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040981.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040982.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040984.dll Infected: Trojan-PSW.Win32.OnLineGames.eea skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040985.dll Infected: Trojan-PSW.Win32.OnLineGames.edm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040987.dll Infected: Trojan-PSW.Win32.OnLineGames.edo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040988.dll Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040989.dll Infected: Trojan-PSW.Win32.OnLineGames.eec skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040990.dll Infected: Trojan-PSW.Win32.OnLineGames.elh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040991.dll Infected: Trojan-PSW.Win32.OnLineGames.eat skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040992.dll Infected: Trojan-PSW.Win32.Nilage.bqn skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040993.dll Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040994.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040996.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040997.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0040998.exe Infected: Trojan-PSW.Win32.Nilage.bqn skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041005.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041006.exe Infected: Trojan-PSW.Win32.OnLineGames.edp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041007.exe Infected: Trojan-PSW.Win32.OnLineGames.eeb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041008.exe Infected: Trojan-PSW.Win32.OnLineGames.edn skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041009.exe Infected: Trojan-PSW.Win32.OnLineGames.edd skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041040.exe Infected: Trojan-PSW.Win32.OnLineGames.eed skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041041.exe Infected: Trojan-PSW.Win32.OnLineGames.eat skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041042.DLL Infected: Trojan-PSW.Win32.Lmir.bna skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041043.exe Infected: Trojan-PSW.Win32.Lmir.bna skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041044.dll Infected: Trojan-PSW.Win32.OnLineGames.elu skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041045.exe Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP298\A0041046.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP299\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP299\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP299\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041054.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041055.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041056.exe Infected: Trojan-PSW.Win32.OnLineGames.ejz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041057.dll Infected: Trojan-PSW.Win32.OnLineGames.ekz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041058.exe Infected: Trojan-PSW.Win32.OnLineGames.elw skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041059.dll Infected: Trojan-PSW.Win32.OnLineGames.elw skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041060.exe Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041061.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041062.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041063.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041064.dll Infected: Trojan-PSW.Win32.OnLineGames.eoi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041065.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041066.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041067.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041068.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041069.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041070.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041071.exe Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041072.dll Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041073.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041074.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041075.dll Infected: Trojan-PSW.Win32.OnLineGames.elu skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041076.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041077.EXE Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041080.dll Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041081.dll Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041082.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041104.DLL Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041108.DLL Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041109.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041110.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041111.EXE Infected: Trojan-PSW.Win32.OnLineGames.elk skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041112.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041113.DLL Infected: Trojan-PSW.Win32.OnLineGames.eph skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041114.DLL Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041115.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041116.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041117.dll Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041118.dll Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041119.dll Infected: Trojan-PSW.Win32.OnLineGames.elw skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041120.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041121.dll Infected: Trojan-PSW.Win32.OnLineGames.eoi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041122.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041123.dll Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041124.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041125.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041128.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041129.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041130.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041131.EXE Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041137.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041138.exe Infected: Trojan-PSW.Win32.OnLineGames.elw skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041139.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041140.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041141.exe Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041142.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041143.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041144.exe Infected: Trojan-PSW.Win32.OnLineGames.ejo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041145.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041146.dll Infected: Trojan-PSW.Win32.OnLineGames.elu skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041147.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041148.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\A0041170.EXE Infected: Trojan-PSW.Win32.OnLineGames.elk skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP300\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041221.EXE Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041222.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041223.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041224.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041225.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041226.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041227.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041228.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041229.exe Infected: Trojan-PSW.Win32.OnLineGames.dgi skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041230.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041231.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041232.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041233.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041234.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041235.exe Infected: Trojan-PSW.Win32.Nilage.bqm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\A0041236.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP301\snapshot\MFEX-4.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042255.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042256.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042257.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042258.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042259.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042260.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\A0042261.EXE Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP302\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042483.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042484.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042486.dll Infected: Trojan-Proxy.Win32.Agent.lv skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042490.DLL Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042493.EXE Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042498.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042499.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042500.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042501.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042502.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042503.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042504.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042505.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042506.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042507.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042508.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042509.exe Infected: Trojan-PSW.Win32.OnLineGames.dkt skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042511.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042512.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042513.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042514.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042515.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042516.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042517.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042518.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042519.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042520.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042521.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042522.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042523.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042524.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042526.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042531.DLL Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042532.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042533.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042534.EXE Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042535.DLL Infected: Trojan-PSW.Win32.OnLineGames.efr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042536.DLL Infected: Trojan-PSW.Win32.OnLineGames.eph skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042537.DLL Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042538.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042539.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042540.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042541.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042542.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042544.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042545.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042546.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042548.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042549.exe Infected: Trojan-PSW.Win32.OnLineGames.dkt skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042550.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042552.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042554.EXE Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042559.EXE Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042560.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042561.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042562.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042563.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042564.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042565.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042566.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042567.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042568.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042569.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\A0042570.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\snapshot\MFEX-1.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\snapshot\MFEX-2.DAT Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP303\snapshot\MFEX-3.DAT Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042838.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042839.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042840.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042841.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042842.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042844.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042845.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042846.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042847.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042849.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042850.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042868.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042907.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042909.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042911.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042913.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042915.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042919.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042921.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042923.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042924.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042929.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042949.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042952.DLL Infected: Trojan-PSW.Win32.OnLineGames.ezp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042973.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042978.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042980.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042982.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042984.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042988.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042989.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042990.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042994.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042996.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0042998.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043000.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043022.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043024.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043028.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043029.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043031.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043032.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043033.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043035.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043036.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP304\A0043037.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043064.dll Infected: Trojan-PSW.Win32.OnLineGames.eyv skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043068.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043069.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043070.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043072.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043073.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043074.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043075.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043076.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043078.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043080.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043110.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043111.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043113.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043116.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043195.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043196.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043197.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043198.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043199.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043200.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043201.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043202.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043203.dll Infected: Trojan-PSW.Win32.Nilage.bql skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043204.exe Infected: Trojan-PSW.Win32.OnLineGames.efl skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043205.dll Infected: Trojan-PSW.Win32.OnLineGames.dyo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043206.exe Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043207.exe Infected: Trojan-PSW.Win32.OnLineGames.erm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043208.exe Infected: Trojan-PSW.Win32.OnLineGames.erm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043209.exe Infected: Trojan-PSW.Win32.OnLineGames.erm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043210.exe Infected: Trojan-PSW.Win32.OnLineGames.fau skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043211.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043212.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043213.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043214.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043215.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043216.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043217.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043218.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043219.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043220.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043221.exe Infected: Trojan-PSW.Win32.OnLineGames.ezx skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043222.exe Infected: Trojan-PSW.Win32.OnLineGames.ezv skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043223.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043224.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043225.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043226.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043227.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043228.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043229.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043230.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043231.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043232.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043233.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043234.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043236.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043237.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043238.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043239.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043240.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043241.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043242.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043243.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043244.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043245.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043246.exe Infected: Trojan-PSW.Win32.OnLineGames.ezz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043247.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043248.exe Infected: Trojan-PSW.Win32.OnLineGames.elf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043249.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043250.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043251.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043252.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043253.exe Infected: Trojan-PSW.Win32.OnLineGames.eyy skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043254.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043255.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043256.exe Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043257.exe Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043258.exe Infected: Trojan-PSW.Win32.OnLineGames.eyu skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043259.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043260.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043261.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043262.exe Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043263.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043264.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043265.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043266.exe Infected: Trojan-PSW.Win32.OnLineGames.eyu skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043267.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043268.exe Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043269.exe Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043270.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043271.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043272.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043273.exe Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043274.exe Infected: Trojan-PSW.Win32.OnLineGames.eoh skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043275.exe Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043276.exe Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043277.exe Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043279.DLL Infected: Trojan-PSW.Win32.OnLineGames.efg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043280.DLL Infected: Virus.Win32.AutoRun.pz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043297.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043298.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043299.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043300.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043363.EXE Infected: Trojan-Downloader.Win32.Agent.eay skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043365.DLL Infected: Trojan-Downloader.Win32.Agent.eay skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043381.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043382.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043383.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP305\A0043385.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043509.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043510.exe Infected: Trojan-PSW.Win32.OnLineGames.eqf skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043515.DLL Infected: Trojan-Downloader.Win32.Agent.eay skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043527.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043528.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043529.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP306\A0043530.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043559.dll Infected: Trojan-Proxy.Win32.Agent.lv skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043560.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043561.EXE Infected: Trojan-Downloader.Win32.Agent.eay skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043562.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043563.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043564.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP307\A0043565.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043574.exe Infected: Trojan-PSW.Win32.OnLineGames.egt skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043575.DLL Infected: Trojan-PSW.Win32.Lmir.bmq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043577.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043578.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043579.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043580.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043581.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043582.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043583.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043584.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043585.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043586.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043587.dll Infected: Trojan-PSW.Win32.OnLineGames.ezx skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043588.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043589.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043590.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043591.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043592.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043593.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043594.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043595.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043596.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043597.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043598.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043599.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043600.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043601.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043602.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043603.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043604.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043605.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043606.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043607.dll Infected: Trojan-PSW.Win32.OnLineGames.eqg skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043608.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043609.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043610.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043611.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043612.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043613.dll Infected: Trojan-PSW.Win32.OnLineGames.ezv skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043614.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043615.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043616.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043617.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043618.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043619.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043620.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043621.dll Infected: Trojan-PSW.Win32.OnLineGames.eea skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043622.dll Infected: Trojan-PSW.Win32.OnLineGames.eea skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043623.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043624.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043625.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043626.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043627.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043628.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043629.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043630.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043631.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043632.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043633.dll Infected: Trojan-PSW.Win32.OnLineGames.edm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043634.dll Infected: Trojan-PSW.Win32.OnLineGames.fbo skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043635.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043636.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043637.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043638.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043639.dll Infected: Trojan-PSW.Win32.OnLineGames.ejm skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043640.dll Infected: Trojan-PSW.Win32.OnLineGames.elw skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043641.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043642.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043643.dll Infected: Trojan-PSW.Win32.OnLineGames.eno skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043644.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043645.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043646.dll Infected: Trojan-PSW.Win32.OnLineGames.enr skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043647.dll Infected: Trojan-PSW.Win32.OnLineGames.eln skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043648.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043649.dll Infected: Trojan-PSW.Win32.OnLineGames.enq skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043650.dll Infected: Trojan-PSW.Win32.OnLineGames.enp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043651.dll Infected: Trojan-PSW.Win32.OnLineGames.ens skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043652.dll Infected: Trojan-PSW.Win32.OnLineGames.ems skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043654.dll Infected: Trojan-PSW.Win32.OnLineGames.fal skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043655.dll Infected: Trojan-PSW.Win32.OnLineGames.fak skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043656.dll Infected: Trojan-PSW.Win32.OnLineGames.ezz skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043658.dll Infected: Trojan-PSW.Win32.OnLineGames.eli skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043659.dll Infected: Trojan-PSW.Win32.OnLineGames.fbb skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043660.dll Infected: Trojan-PSW.Win32.OnLineGames.eyv skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043665.exe Infected: Trojan-PSW.Win32.Lmir.bmp skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP308\A0043827.dll Infected: Trojan-PSW.Win32.OnLineGames.fau skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043967.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043968.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043969.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043970.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043971.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043972.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043973.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043974.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043976.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043977.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043978.dll Infected: Trojan-PSW.Win32.OnLineGames.enc skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\A0043979.dll Infected: Trojan-PSW.Win32.OnLineGames.eog skipped C:\System Volume Information\_restore{D0D4C289-1775-4E84-B8F1-E8133151EDAF}\RP310\change.log Object is locked skipped C:\WINDOWS\CSC\00000001 Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. ComboFix 07-10-14.1 - Administrator 2007-10-14 11:36:50.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1638 [GMT 1:00] Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt * Created a new restore point FILE:: C:\WINDOWS\system32\80FEE47E.EXE C:\WINDOWS\system32\cfdvpa.dll C:\WINDOWS\system32\chrghj.dll C:\WINDOWS\system32\ehuxlg.dll C:\WINDOWS\system32\fytxwo.dll C:\WINDOWS\system32\ghowkw.dll C:\WINDOWS\system32\jielaz.dll C:\WINDOWS\system32\mhsha1.dat C:\WINDOWS\system32\nhcrgk.dll C:\WINDOWS\system32\ochtul.dll C:\WINDOWS\system32\poaywc.dll C:\WINDOWS\system32\qyeksq.dll C:\WINDOWS\system32\rrijtj.dll C:\WINDOWS\system32\xbdooe.dll C:\WINDOWS\system32\ykqkqs.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\cfdvpa.dll C:\WINDOWS\system32\chrghj.dll C:\WINDOWS\system32\ehuxlg.dll C:\WINDOWS\system32\fytxwo.dll C:\WINDOWS\system32\ghowkw.dll C:\WINDOWS\system32\jielaz.dll C:\WINDOWS\system32\mhsha1.dat C:\WINDOWS\system32\nhcrgk.dll C:\WINDOWS\system32\ochtul.dll C:\WINDOWS\system32\poaywc.dll C:\WINDOWS\system32\qyeksq.dll C:\WINDOWS\system32\rrijtj.dll C:\WINDOWS\system32\SHQ.DLL C:\WINDOWS\system32\sxwjyq.dll C:\WINDOWS\system32\xbdooe.dll C:\WINDOWS\system32\ykqkqs.dll C:\WINDOWS\system32\zauowa.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_1E3F603C -------\1E3F603C ((((((((((((((((((((((((( Files Created from 2007-09-14 to 2007-10-14 ))))))))))))))))))))))))))))))) . 2007-10-14 11:08 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-12 14:16 <DIR> d-------- C:\Program Files\SpywareBlaster 2007-10-12 09:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot 2007-10-12 09:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot 2007-10-12 09:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot 2007-10-12 09:41 163,128 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys 2007-10-12 09:41 23,864 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys 2007-10-12 09:41 21,816 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys 2007-10-12 09:41 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys 2007-10-12 09:40 <DIR> d-------- C:\Program Files\Webroot 2007-10-12 09:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot 2007-10-12 09:40 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Webroot 2007-10-12 09:40 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Webroot 2007-10-12 09:40 1,521,464 --a------ C:\WINDOWS\WRSetup.dll 2007-10-12 09:35 164 --a------ C:\install.dat 2007-10-10 19:09 <DIR> d-------- C:\Program Files\Trend Micro 2007-10-10 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-10 10:25 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2007-10-10 09:00 582,656 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll 2007-09-17 17:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\EPSON 2007-09-15 15:03 <DIR> d-------- C:\Program Files\Windows Media Connect 2 2007-09-15 15:01 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2007-09-15 15:01 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-03 13:46 --------- d-----w C:\Program Files\DesignPro 2007-10-01 08:35 --------- d-----w C:\Documents and Settings\Administrator\Application Data\MailWasherPro 2007-10-01 08:35 --------- d-----w C:\Documents and Settings\Administrator\Application Data\MailWasherPro 2007-09-19 11:44 --------- d--h--w C:\Program Files\InstallShield Installation Information . ((((((((((((((((((((((((((((( snapshot@2007-10-14_11.11.18.23 ))))))))))))))))))))))))))))))))))))))))) . - 2007-10-14 09:51:55 41,292 ----a-w C:\WINDOWS\system32\perfc009.dat + 2007-10-14 10:35:20 41,292 ----a-w C:\WINDOWS\system32\perfc009.dat - 2007-10-14 09:51:55 315,282 ----a-w C:\WINDOWS\system32\perfh009.dat + 2007-10-14 10:35:20 315,282 ----a-w C:\WINDOWS\system32\perfh009.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-04-05 15:22] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-04-05 15:19] "RTHDCPL"="RTHDCPL.EXE" [2005-03-08 13:26 C:\WINDOWS\RTHDCPL.EXE] "PTHOSTTR"="C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2005-10-04 23:23] "SetRefresh"="C:\Program Files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 19:01] "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2003-12-01 11:38] "Logitech Utility"="Logi_MwX.Exe" [2003-11-07 10:50 C:\WINDOWS\LOGI_MWX.EXE] "Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2006-01-12 20:52] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-01 09:44] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe [2006-08-30 18:45:59] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders rpasspc.dll, msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSysM] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AClient"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "High Definition Audio Property Page Shortcut"=HDAShCut.exe "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe "Persistence"=C:\WINDOWS\system32\igfxpers.exe R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS R2 CommSBEP;CommSBEP;C:\WINDOWS\system32\drivers\CommSBEP.sys [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 Pml Driver HPZ12 Net Driver HPZ12 . ************************************************************************ catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-14 11:40:54 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2007-10-14 11:41:53 - machine was rebooted C:\ComboFix2.txt ... 2007-10-14 11:11 . --- E O F ---