jwheatley
2007-02-13, 10:04
Hi,
I have read a variety of threads and have followed the "Before You Post" recommendations. I have completed the Spybot scan and fix in safe mode and am now at the point where the I need help. The below log is from an online scan using Kaspersky:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, February 13, 2007 11:03:46 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 13/02/2007
Kaspersky Anti-Virus database records: 267150
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
H:\
Scan Statistics:
Total number of scanned objects: 149513
Number of viruses found: 13
Number of infected objects: 28 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:24:44
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\logout.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{0E1AACF2-7078-42C7-9864-573AFCF493B3}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{5BB6DB9A-4D63-49DB-9826-FF2154E6DE0E}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{72F56374-9539-4E1B-8BB0-CDD4651864BA}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\APH.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\MSKWMDB.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\RBLDB.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\settingsdb.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR1.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12172006-170345.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Ooze Bias Bone Blue\atom upload.exe Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Ooze Bias Bone Blue\lessaudiopile Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\Local Settings\Temp\hsperfdata_Francesca Wheatley\2612 Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\Local Settings\Temporary Internet Files\AntiPhishing\07FB382D-AA75-4683-82F4-EAB265A275CB.dat Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Guest\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Guest\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSBAR.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped
C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSOESTB.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSSRCAS.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Documents and Settings\Jason Wheatley\Application Data\McAfee\MBK\ARBUSFILE.GDB Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Application Data\SiteAdvisor\SiteAdv.csh Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\ApplicationHistory\McAfeeDataBackup.exe.e548c4c.ini.inuse Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{80847A91-408E-4429-83E3-BA8B497FC401} Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\History\History.IE5\MSHist012007021320070214\index.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\fb_2756.lck Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\Perflib_Perfdata_f98.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\~DF3520.tmp Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Jason Wheatley\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\00000002.ps1 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\00000002.ps2 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\00010002.ci Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\cicat.fid Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\cicat.hsh Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiCL0001.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiP10000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiP20000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiPT0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiSL0001.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiSP0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiST0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiVP0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\INDEX.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\propstor.bk1 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\propstor.bk2 Object is locked skipped
C:\Program Files\FunWebProducts\Installr\2.bin\F3EZSETP.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\BWDocMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\BWInfopakMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\L0000032.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\storydb.idx Object is locked skipped
C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.z skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.f skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ab skipped
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\00010004.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP146\A0003493.exe Infected: Trojan.Win32.Inject.au skipped
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP149\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{4C901E65-2A99-4AD9-8354-149B31ABF4A7}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\f3PSSavr.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\fb_1880.lck Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_14c.dat Object is locked skipped
C:\WINDOWS\Temp\sqlite_14YED4ot27hKPiM Object is locked skipped
C:\WINDOWS\Temp\sqlite_2yr9PDLoqA8LRej Object is locked skipped
C:\WINDOWS\Temp\sqlite_6ehMUozsG4ise7M Object is locked skipped
C:\WINDOWS\Temp\sqlite_7ZsIpRnk1MeK73t Object is locked skipped
C:\WINDOWS\Temp\sqlite_A2pnJMHkcIix75t Object is locked skipped
C:\WINDOWS\Temp\sqlite_BArCnuysQvddkPY Object is locked skipped
C:\WINDOWS\Temp\sqlite_BOAUzmcjaQZawgt Object is locked skipped
C:\WINDOWS\Temp\sqlite_D7aCcieCmwrD40Z Object is locked skipped
C:\WINDOWS\Temp\sqlite_dLhZV6w7XFmbVOq Object is locked skipped
C:\WINDOWS\Temp\sqlite_ecRSMsAlQ3Ohi3C Object is locked skipped
C:\WINDOWS\Temp\sqlite_h5iO9wI3cW77Fec Object is locked skipped
C:\WINDOWS\Temp\sqlite_hMxvcVy3wq11pkL Object is locked skipped
C:\WINDOWS\Temp\sqlite_HQJ672iL4iUz9wm Object is locked skipped
C:\WINDOWS\Temp\sqlite_nyBY0SnHtr2cBic Object is locked skipped
C:\WINDOWS\Temp\sqlite_P8ldFWURzLlujo7 Object is locked skipped
C:\WINDOWS\Temp\sqlite_tQWU7BOvyr21n4O Object is locked skipped
C:\WINDOWS\Temp\sqlite_wrGGhgwkhS7IPkW Object is locked skipped
C:\WINDOWS\Temp\sqlite_yxNolp6c5T7PU9U Object is locked skipped
C:\WINDOWS\Temp\sqlite_ZWRzLPo2akqxmzp Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\{00000002-00000000-00000000-00001102-00000004-10031102}.CDF Object is locked skipped
H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
H:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP149\change.log Object is locked skipped
Scan process completed.
Thanks in advance,
Jason
I have read a variety of threads and have followed the "Before You Post" recommendations. I have completed the Spybot scan and fix in safe mode and am now at the point where the I need help. The below log is from an online scan using Kaspersky:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, February 13, 2007 11:03:46 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 13/02/2007
Kaspersky Anti-Virus database records: 267150
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
H:\
Scan Statistics:
Total number of scanned objects: 149513
Number of viruses found: 13
Number of infected objects: 28 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:24:44
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\logout.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{0E1AACF2-7078-42C7-9864-573AFCF493B3}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{5BB6DB9A-4D63-49DB-9826-FF2154E6DE0E}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{72F56374-9539-4E1B-8BB0-CDD4651864BA}.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\APH.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\MSKWMDB.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\RBLDB.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\settingsdb.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR1.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12172006-170345.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Ooze Bias Bone Blue\atom upload.exe Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Ooze Bias Bone Blue\lessaudiopile Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\Local Settings\Temp\hsperfdata_Francesca Wheatley\2612 Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\Local Settings\Temporary Internet Files\AntiPhishing\07FB382D-AA75-4683-82F4-EAB265A275CB.dat Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Francesca Wheatley\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Guest\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Guest\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSBAR.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped
C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSOESTB.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSSRCAS.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Documents and Settings\Jason Wheatley\Application Data\McAfee\MBK\ARBUSFILE.GDB Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Application Data\SiteAdvisor\SiteAdv.csh Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\ApplicationHistory\McAfeeDataBackup.exe.e548c4c.ini.inuse Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{80847A91-408E-4429-83E3-BA8B497FC401} Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\History\History.IE5\MSHist012007021320070214\index.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\fb_2756.lck Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\Perflib_Perfdata_f98.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\~DF3520.tmp Object is locked skipped
C:\Documents and Settings\Jason Wheatley\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jason Wheatley\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Jason Wheatley\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\00000002.ps1 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\00000002.ps2 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\00010002.ci Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\cicat.fid Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\cicat.hsh Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiCL0001.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiP10000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiP20000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiPT0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiSL0001.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiSP0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiST0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiVP0000.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\INDEX.000 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\propstor.bk1 Object is locked skipped
C:\Program Files\Dell\Support\UI\Search\catalog.wci\propstor.bk2 Object is locked skipped
C:\Program Files\FunWebProducts\Installr\2.bin\F3EZSETP.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\BWDocMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\BWInfopakMap.pht Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\L0000032.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\storydb.idx Object is locked skipped
C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.z skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.f skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ab skipped
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\00010004.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP146\A0003493.exe Infected: Trojan.Win32.Inject.au skipped
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP149\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{4C901E65-2A99-4AD9-8354-149B31ABF4A7}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\f3PSSavr.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\fb_1880.lck Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_14c.dat Object is locked skipped
C:\WINDOWS\Temp\sqlite_14YED4ot27hKPiM Object is locked skipped
C:\WINDOWS\Temp\sqlite_2yr9PDLoqA8LRej Object is locked skipped
C:\WINDOWS\Temp\sqlite_6ehMUozsG4ise7M Object is locked skipped
C:\WINDOWS\Temp\sqlite_7ZsIpRnk1MeK73t Object is locked skipped
C:\WINDOWS\Temp\sqlite_A2pnJMHkcIix75t Object is locked skipped
C:\WINDOWS\Temp\sqlite_BArCnuysQvddkPY Object is locked skipped
C:\WINDOWS\Temp\sqlite_BOAUzmcjaQZawgt Object is locked skipped
C:\WINDOWS\Temp\sqlite_D7aCcieCmwrD40Z Object is locked skipped
C:\WINDOWS\Temp\sqlite_dLhZV6w7XFmbVOq Object is locked skipped
C:\WINDOWS\Temp\sqlite_ecRSMsAlQ3Ohi3C Object is locked skipped
C:\WINDOWS\Temp\sqlite_h5iO9wI3cW77Fec Object is locked skipped
C:\WINDOWS\Temp\sqlite_hMxvcVy3wq11pkL Object is locked skipped
C:\WINDOWS\Temp\sqlite_HQJ672iL4iUz9wm Object is locked skipped
C:\WINDOWS\Temp\sqlite_nyBY0SnHtr2cBic Object is locked skipped
C:\WINDOWS\Temp\sqlite_P8ldFWURzLlujo7 Object is locked skipped
C:\WINDOWS\Temp\sqlite_tQWU7BOvyr21n4O Object is locked skipped
C:\WINDOWS\Temp\sqlite_wrGGhgwkhS7IPkW Object is locked skipped
C:\WINDOWS\Temp\sqlite_yxNolp6c5T7PU9U Object is locked skipped
C:\WINDOWS\Temp\sqlite_ZWRzLPo2akqxmzp Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\{00000002-00000000-00000000-00001102-00000004-10031102}.CDF Object is locked skipped
H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
H:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP149\change.log Object is locked skipped
Scan process completed.
Thanks in advance,
Jason