Kalimero
2007-10-01, 18:07
Total number of scanned objects 109348
Number of viruses found 8
Number of infected objects 22
Number of suspicious objects 0
Duration of the scan process 00:59:57
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Alan\Application Data\Microsoft\Internet Explorer\UserData\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped
C:\Documents and Settings\Alan\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\History\History.IE5\MSHist012007100120071002\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temp\NERO13366\Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Alan\Local Settings\Temp\~DF5C17.tmp Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alan\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Alan\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP213\A0023518.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP213\A0023518.exe/stream Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP213\A0023518.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file/stream/data0005 Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file/stream/data0009 Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file/stream Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe Embedded EXE: infected - 4 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe UPX: infected - 4 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe PE_Patch.UPX: infected - 4 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP216\A0025831.hlp Infected: Backdoor.IRC.Zapchast skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP216\A0025832.bat Infected: Trojan.BAT.Zapchast skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP220\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\etc\noob14\pnc.exe Infected: not-a-virus:RemoteAdmin.Win32.NetCat skipped
C:\WINDOWS\system32\drivers\etc\noob14\spsexec.exe Infected: not-a-virus:RiskTool.Win32.PsExec.13 skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe/stream/data0009 Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe/stream Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe NSIS: infected - 3 skipped
C:\WINDOWS\Temp\Perflib_Perfdata_59c.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log
Number of viruses found 8
Number of infected objects 22
Number of suspicious objects 0
Duration of the scan process 00:59:57
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Alan\Application Data\Microsoft\Internet Explorer\UserData\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped
C:\Documents and Settings\Alan\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\History\History.IE5\MSHist012007100120071002\index.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temp\NERO13366\Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Alan\Local Settings\Temp\~DF5C17.tmp Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Alan\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alan\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Alan\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.az skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP213\A0023518.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP213\A0023518.exe/stream Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP213\A0023518.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file/stream/data0005 Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file/stream/data0009 Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file/stream Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe/EXE-file Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe Embedded EXE: infected - 4 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe UPX: infected - 4 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP215\A0025776.exe PE_Patch.UPX: infected - 4 skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP216\A0025831.hlp Infected: Backdoor.IRC.Zapchast skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP216\A0025832.bat Infected: Trojan.BAT.Zapchast skipped
C:\System Volume Information\_restore{11AD7EED-2F51-4247-92A5-249F85EC8554}\RP220\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\etc\noob14\pnc.exe Infected: not-a-virus:RemoteAdmin.Win32.NetCat skipped
C:\WINDOWS\system32\drivers\etc\noob14\spsexec.exe Infected: not-a-virus:RiskTool.Win32.PsExec.13 skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.NaviPromo.bw skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe/stream/data0009 Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe/stream Infected: not-a-virus:FraudTool.Win32.SpywareSecure.a skipped
C:\WINDOWS\Temp\NSIS_SpywareSecure_trial_setup.exe NSIS: infected - 3 skipped
C:\WINDOWS\Temp\Perflib_Perfdata_59c.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log