xlibgfl254.dll virus [Archive] - Safer-Networking Forums

dbuck1966

2007-09-24, 09:01

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:57:38 PM, on 9/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spider.exe
C:\Temp\HiJack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\Juno\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\Juno\qsacc\appres.dll/227
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.finefind.nettraffic2cash.biz
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O15 - Trusted IP range: 206.161.125.149 (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 5232 bytes

KASPERSKY ONLINE SCANNER REPORT
Sunday, September 23, 2007 11:39:37 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 24/09/2007
Kaspersky Anti-Virus database records: 422762

Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
G:\
H:\
I:\
J:\

Scan Statistics
Total number of scanned objects 126039
Number of viruses found 24
Number of infected objects 50
Number of suspicious objects 2
Duration of the scan process 01:25:36

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Administrator\Application Data\CyberLink\PowerDVD\DVDTitles.bmk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\CD Player\DeluxeCD.mdb Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{49FC50FC-F965-40D9-89B4-CBFF80941033}\ARPPRODUCTICON.exe Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\CompuServe 7.0.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\WINAMP.LNK Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Media Player\000222E0.wpl Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Microsoft\Windows\Themes\Custom.theme Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\deployment.properties Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\security\deployment.certs Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\security\deployment.jssecerts Object is locked skipped

C:\Documents and Settings\Administrator\Application Data\Symantec\Shared\Options.VcPref Object is locked skipped

C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\eMachines Sites\eMachines Home Page.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\eMachines Sites\eMachines Start Page.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\eMachines Sites\eMachines Support Page.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\eMachines Sites\eMachines Support Request.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN CarPoint.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN Home.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN HomeAdvisor.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN Hotmail.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN Money.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN People & Chat.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN Shopping.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Financial Links\MSN Web Search.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Customize Links.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Free Hotmail.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\RealPlayer.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Windows Media.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Links\Windows.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Media\Real.com Radio Tuner.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\MSN.com.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\Radio Station Guide.url Object is locked skipped

C:\Documents and Settings\Administrator\Favorites\RealPlayer Home Page.url Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Works\Portfolio\Sample.wsb Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142000}\1033.MST Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142000}\Java 2 Runtime Environment, SE v1.4.2.msi Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\History\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\dat1.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temp\dat2.tmp Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\CyberLink\PowerDVD\Default.PLS Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Music\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Music\Sample Music.lnk Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Pictures\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\My Documents\My Pictures\Sample Pictures.lnk Object is locked skipped

C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Administrator\ntuser.ini Object is locked skipped

C:\Documents and Settings\Administrator\Recent\Desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\Compressed (zipped) Folder.ZFSendToTarget Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\Desktop (create shortcut).DeskLink Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\Mail Recipient.MAPIMail Object is locked skipped

C:\Documents and Settings\Administrator\SendTo\My Documents.mydocs Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Address Book.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Command Prompt.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\RealPlayer.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Notepad.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Synchronize.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Tour Windows XP.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Windows Explorer.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\AOL Instant Messenger (SM)\AOL Instant Messenger (SM).lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\AOL Instant Messenger (SM)\License.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\AOL Instant Messenger (SM)\Uninstall AOL Instant Messenger (SM).lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\ICQ\ICQ Database Converter.lnk Object is locked skipped

dbuck1966

2007-09-24, 09:02

C:\Documents and Settings\Administrator\Start Menu\Programs\ICQ\ICQ NetDetect Agent.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\ICQ\ICQ Shared Files.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\ICQ\ICQ.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\ICQ\License Agreement.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\ICQ\Uninstall ICQ.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Winamp\Uninstall Winamp.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Winamp\What's new.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Winamp\Winamp.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk Object is locked skipped

C:\Documents and Settings\Administrator\Templates\amipro.sam Object is locked skipped

C:\Documents and Settings\Administrator\Templates\excel.xls Object is locked skipped

C:\Documents and Settings\Administrator\Templates\excel4.xls Object is locked skipped

C:\Documents and Settings\Administrator\Templates\lotus.wk4 Object is locked skipped

C:\Documents and Settings\Administrator\Templates\powerpnt.ppt Object is locked skipped

C:\Documents and Settings\Administrator\Templates\presenta.shw Object is locked skipped

C:\Documents and Settings\Administrator\Templates\quattro.wb2 Object is locked skipped

C:\Documents and Settings\Administrator\Templates\sndrec.wav Object is locked skipped

C:\Documents and Settings\Administrator\Templates\winword.doc Object is locked skipped

C:\Documents and Settings\Administrator\Templates\winword2.doc Object is locked skipped

C:\Documents and Settings\Administrator\Templates\wordpfct.wpd Object is locked skipped

C:\Documents and Settings\Administrator\Templates\wordpfct.wpg Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-02032007-115958.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Altnet.zip/asmend.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Altnet.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\Kim\Application Data\privprotect.exe Infected: not-a-virus:Downloader.Win32.WinFixer.y skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Counter.class-4f780aa4-2918acbd.class Infected: Trojan.Java.Femad skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-7d3dca66-7c608d1c.class Infected: Trojan.Java.Femad skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-72ad41fc.zip/Counter.class Infected: Trojan.Java.Femad skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-72ad41fc.zip/VerifierBug.class Infected: Trojan.Java.Femad skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-72ad41fc.zip/web.exe Infected: Trojan.Win32.LowZones.dp skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-72ad41fc.zip/Worker.class Infected: Trojan.Java.Femad skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-72ad41fc.zip/Xeyond.class Infected: Trojan.Java.Femad skipped

C:\Documents and Settings\Kim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-72ad41fc.zip ZIP: infected - 5 skipped

C:\Documents and Settings\Kim\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Kim\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\Kim\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Kim\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Kim\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Kim\Local Settings\History\History.IE5\MSHist012007092320070924\index.dat Object is locked skipped

C:\Documents and Settings\Kim\Local Settings\Temp\B180847434\build2.exe Infected: not-a-virus:AdWare.Win32.MDH.e skipped

C:\Documents and Settings\Kim\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\Kim\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Kim\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Kim\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Kissy\Local Settings\Temp\asmfiles.cab/asm.exe Infected: not-a-virus:AdWare.Win32.Altnet.l skipped

C:\Documents and Settings\Kissy\Local Settings\Temp\asmfiles.cab/asmps.dll Infected: not-a-virus:AdWare.Win32.Altnet.t skipped

C:\Documents and Settings\Kissy\Local Settings\Temp\asmfiles.cab CAB: infected - 2 skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\eGames\MahJongg Master 2 Game\fa015753 TSAdInstant Infected: Trojan-Dropper.Win32.Agent.zc skipped

C:\Program Files\eGames\Puzzle Master Demo\egames.exe Infected: Trojan-Dropper.Win32.Agent.zc skipped

C:\Program Files\Kazaa\TopSearch.dll Infected: not-a-virus:AdWare.Win32.Altnet.d skipped

C:\Program Files\Mozilla Firefox\extensions\{2bafa858-4ff3-4207-822e-ef46d1b431de}\chrome\isearch.jar/content/isearch/isearch.js Infected: not-a-virus:AdWare.Win32.ISearch.e skipped

C:\Program Files\Mozilla Firefox\extensions\{2bafa858-4ff3-4207-822e-ef46d1b431de}\chrome\isearch.jar ZIP: infected - 1 skipped

C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped

C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.o skipped

C:\Program Files\Uninstall My Web Search.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP866\A0063537.dll Infected: not-a-virus:AdWare.Win32.Altnet.t skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP866\A0063538.exe Infected: not-a-virus:AdWare.Win32.Altnet.l skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP866\A0063539.exe Infected: not-a-virus:AdWare.Win32.Altnet.a skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP866\A0063540.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP866\A0063541.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP866\A0063543.DLL Infected: not-a-virus:AdWare.Win32.MySearch.e skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP952\A0075289.dll Infected: Trojan-Downloader.Win32.Agent.bfj skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP962\A0076354.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3039 skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP962\A0076355.dll Infected: not-a-virus:AdWare.Win32.Altnet.j skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP962\A0076356.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped

C:\System Volume Information\_restore{879E598B-020E-408B-AC9B-13ABBD7D02C3}\RP962\A0076357.exe Infected: not-a-virus:AdWare.Win32.Altnet.g skipped

C:\Temp\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Temp\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Temp\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Temp\SmitfraudFix.exe RarSFX: infected - 2 skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\mzcfw.dll Infected: Trojan-Downloader.Win32.WinShow.ak skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\spool\PRINTERS\FP00038.SHD Object is locked skipped

C:\WINDOWS\system32\spool\PRINTERS\FP00038.SPL Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Altnet\adm.exe Infected: not-a-virus:AdWare.Win32.Altnet.a skipped

C:\WINDOWS\Temp\Altnet\adm4.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped

C:\WINDOWS\Temp\Altnet\admdloader.dll Infected: not-a-virus:AdWare.Win32.BrilliantDigital.3039 skipped

C:\WINDOWS\Temp\Altnet\admfdi.dll Infected: not-a-virus:AdWare.Win32.Altnet.j skipped

C:\WINDOWS\Temp\Altnet\admprog.dll Infected: not-a-virus:AdWare.Win32.Altnet.a skipped

C:\WINDOWS\Temp\Altnet\dmfiles.cab/AltnetUninstall.exe Infected: not-a-virus:AdWare.Win32.Altnet.g skipped

C:\WINDOWS\Temp\Altnet\dmfiles.cab CAB: infected - 1 skipped

C:\WINDOWS\Temp\Altnet\mysearch.cab/mySetp.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.o skipped

C:\WINDOWS\Temp\Altnet\mysearch.cab CAB: infected - 1 skipped

C:\WINDOWS\Temp\Altnet\pmexe.cab/Points Manager.exe Infected: not-a-virus:AdWare.Win32.Altnet.h skipped

C:\WINDOWS\Temp\Altnet\pmexe.cab CAB: infected - 1 skipped

C:\WINDOWS\Temp\Altnet\Setup.exe Infected: not-a-virus:AdWare.Win32.Altnet.b skipped

C:\WINDOWS\Temp\SPL16.tmp Object is locked skipped

C:\WINDOWS\Temp\_ISTMP2.DIR\56a601.DLL Object is locked skipped

C:\WINDOWS\Temp\_ISTMP2.DIR\Corecomp.ini Object is locked skipped

C:\WINDOWS\Temp\_ISTMP2.DIR\Ctl3d32.dll Object is locked skipped

C:\WINDOWS\Temp\_ISTMP2.DIR\IsUninst.Exe Object is locked skipped

C:\WINDOWS\Temp\_ISTMP2.DIR\license.txt Object is locked skipped

C:\WINDOWS\Temp\_ISTMP2.DIR\value.shl Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan was interrupted by user!