Options
another AIM picture.pif infection
Hi,
I use Trillian for AIM, and got an IM from someone about a myspace picture...clicked on the file when I shouldn't have (it was called picture_012.pif). My computer got infected, it shut down the Windows XP firewall and made it so I couldn't get automatic updates. I did a system restore to two days earlier, which seemed to fix the problem for a few minutes, but then Symantec Antivirus stopped working. I'm also having trouble reading CDs and anything through USB ports.
Below are logs from HijackThis, Kapersky, and Panda Activescan. Thanks for your help!
HijackThis:
Kapersky:
Panda ActiveScan:
I use Trillian for AIM, and got an IM from someone about a myspace picture...clicked on the file when I shouldn't have (it was called picture_012.pif). My computer got infected, it shut down the Windows XP firewall and made it so I couldn't get automatic updates. I did a system restore to two days earlier, which seemed to fix the problem for a few minutes, but then Symantec Antivirus stopped working. I'm also having trouble reading CDs and anything through USB ports.
Below are logs from HijackThis, Kapersky, and Panda Activescan. Thanks for your help!
HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 10:34:37 PM, on 8/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Weather Watcher\ww.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Mozilla Firefox\idm\IDman.exe
C:\Program Files\hijackthis\HijackThis.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Mozilla Firefox\idm\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" -preload
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Mozilla Firefox\idm\IDman.exe /onboot
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Mozilla Firefox\idm\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Mozilla Firefox\idm\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126670147402
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Kapersky:
KASPERSKY ONLINE SCANNER REPORT
Thursday, August 24, 2006 9:16:03 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 25/08/2006
Kaspersky Anti-Virus database records: 218100
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 39506
Number of viruses found: 4
Number of infected objects: 6 / 0
Number of suspicious objects: 0
Duration of the scan process: 00:34:03
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\WDLog-05092006-181126.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\history.dat Object is locked skipped
C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\parent.lock Object is locked skipped
C:\Documents and Settings\lab\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-42491810.zip/javainstaller/InstallerApplet.class Infected: Trojan-Downloader.Java.OpenStream.w skipped
C:\Documents and Settings\lab\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-42491810.zip ZIP: infected - 1 skipped
C:\Documents and Settings\lab\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\lab\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\lab\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\lab\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{6E10E79C-7F43-4BD3-AD29-720AD9261285} Object is locked skipped
C:\Documents and Settings\lab\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\lab\Local Settings\Temp\~DFC49F.tmp Object is locked skipped
C:\Documents and Settings\lab\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\lab\ntuser.dat Object is locked skipped
C:\Documents and Settings\lab\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Jack\jack's old stuff\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Jack\jack's old stuff\mirc616.exe mIRC: infected - 1 skipped
C:\Jack\porn\pirates xxx\pirates\extract.exe Infected: not-a-virus:Porn-Downloader.Win32.Small.c skipped
C:\Program Files\PeerGuardian2\history.db Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\CMDOW.EXE Infected: not-a-virus:RiskTool.Win32.HideWindows skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Panda ActiveScan:
Incident Status Location
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.com.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.247realmedia.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.as-us.falkag.net/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.belnk.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.burstnet.com/]
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.cs.sexcounter.com/]
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.fortunecity.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.go.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.overture.com/]
Spyware:Cookie/Peel Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.peel.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.perf.overture.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.www.myaffiliateprogram.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[.zedo.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[hc2.humanclick.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[hc2.humanclick.com/hc/24582792]
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[stat.onestat.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\lab\Application Data\Mozilla\Firefox\Profiles\z5mbg8ab.default\cookies.txt[www.burstbeacon.com/]
Adware:Adware/IST.ISTBar Not disinfected C:\Documents and Settings\lab\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-42491810.zip[javainstaller/InstallerApplet.class]
Potentially unwanted tool:Application/HideWindow.S Not disinfected C:\WINDOWS\system32\CMDOW.EXE
0
Comments