PDA

View Full Version : Can't get rid of Win32.Murlo.ff.rtk Post 1 of 2



Jez_S
2007-10-22, 18:57
Hi

Don't seem to be able to get rid of this, despite multiple runnings of Spybot. Have run Kaspersky (see below) and this seems to have identified other problems...can you help??? Thanks.

KASPERSKY ONLINE SCANNER REPORT
Monday, October 22, 2007 4:03:55 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 22/10/2007
Kaspersky Anti-Virus database records: 442434


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\

Scan Statistics
Total number of scanned objects 553935
Number of viruses found 23
Number of infected objects 119
Number of suspicious objects 16
Duration of the scan process 05:45:21

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Kontiki\error.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\107633ab18f4af9f52a559f75a1cc097_9c928323-9b32-47ad-9462-348453c782cc Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\47c29a4a4e0a74bb8b67f3692a3e5265_9c928323-9b32-47ad-9462-348453c782cc Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff2.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff2.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff4.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff4.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff6.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloff6.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk2.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk2.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk4.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk4.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk6.zip/startdrv.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinMurloffrtk6.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\COMET\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\COMET\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\COMET\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\COMET\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\COMET\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\COMET\Local Settings\Temporary Internet Files\Content.IE5\QTTE7UP8\PCTurboProInstallerFree[1].exe Infected: not-a-virus:Downloader.Win32.WinFixer.w skipped

C:\Documents and Settings\COMET\ntuser.dat Object is locked skipped

C:\Documents and Settings\COMET\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\ACTIV Software\ACTIVdriver\ActivControl2.exe Infected: Trojan.Win32.Patched.af skipped

C:\Program Files\ACTIV Software\ACTIVdriver\ActivFilter.exe Infected: Trojan.Win32.Patched.af skipped

C:\Program Files\BroadJump\Client Foundation\CFD.exe Infected: Trojan.Win32.Patched.af skipped

C:\Program Files\hlpsrv.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\Program Files\ntl\broadband medic\log\mpbtn.log Object is locked skipped

C:\Program Files\ntl\broadband medic\SmartBridge\AlertFilter.log Object is locked skipped

C:\Program Files\ntl\broadband medic\SmartBridge\log\httpclient.log Object is locked skipped

C:\Program Files\ntl\broadband medic\SmartBridge\MotiveSB.exe Infected: Trojan.Win32.Patched.af skipped

C:\Program Files\ntl\broadband medic\SmartBridge\SmartBridge.log Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP310\A0093004.exe Infected: Backdoor.Win32.Agent.ark skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP319\A0093442.exe Infected: Email-Worm.Win32.Zhelatin.ks skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP319\A0093443.exe Infected: Email-Worm.Win32.Zhelatin.kt skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP319\A0093446.exe Infected: Packed.Win32.PolyCrypt.d skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP319\A0093447.exe Infected: Packed.Win32.PolyCrypt.d skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP319\A0093458.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP319\A0093462.exe Infected: Email-Worm.Win32.Zhelatin.kr skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP319\A0093471.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093533.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093542.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093553.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093561.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093569.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093577.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093585.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093600.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093608.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093623.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093631.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093667.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093689.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093710.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093726.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093741.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093756.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093764.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093772.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093814.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093830.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093845.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093867.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093875.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093890.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093912.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093927.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093935.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093957.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093986.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0093994.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094008.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094017.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094053.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094067.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094094.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094105.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094113.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094121.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094149.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094158.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094180.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094211.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094234.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094242.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094254.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094272.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094280.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094295.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094303.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094311.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094339.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094372.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094401.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094413.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094430.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094488.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094507.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094525.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094554.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094562.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094576.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094592.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094621.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094629.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094651.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094666.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094681.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094689.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

continued in post 2

Jez_S
2007-10-22, 19:00
Rest of scan report:

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094718.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094733.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094747.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094763.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP321\A0094771.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094787.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094844.exe Infected: not-a-virus:Downloader.Win32.WinFixer.bd skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094850.exe Infected: not-a-virus:Porn-Dialer.Win32.GBDialer.j skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094855.dll Infected: not-virus:Hoax.Win32.Renos.lq skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094856.exe Infected: Trojan-Downloader.Win32.Small.cxx skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094857.exe Infected: Trojan-Downloader.Win32.Small.cxx skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094858.exe Infected: Trojan-Proxy.Win32.Xorpix.bv skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094861.sys Infected: Packed.Win32.Tibs.ap skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0094862.exe Infected: Email-Worm.Win32.Zhelatin.kr skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0095056.dll Infected: Trojan-Downloader.Win32.Agent.ebr skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0095074.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0095091.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP322\A0095104.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP334\A0095200.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP334\A0095211.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP335\A0095537.exe Infected: Email-Worm.Win32.Zhelatin.kr skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP335\A0095538.exe Infected: Email-Worm.Win32.Zhelatin.kr skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP335\A0095543.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP340\A0099898.exe Infected: Trojan.Win32.Pakes.sb skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP340\A0099932.sys Infected: Rootkit.Win32.Agent.jp skipped

C:\System Volume Information\_restore{25EC80A5-ABC8-4E76-AAFA-A9284724DC8A}\RP341\change.log Object is locked skipped

C:\WINDOWS\avp.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\mgrs.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{E0255BE8-F3B2-4386-96D9-B4F76303368F}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\361hlwmU.dll Infected: not-a-virus:AdWare.Win32.BHO.fd skipped

C:\WINDOWS\system32\67Fk5437.dll Infected: not-a-virus:AdWare.Win32.BHO.gw skipped

C:\WINDOWS\system32\68J6A1e5.dll Infected: not-a-virus:AdWare.Win32.BHO.gw skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\drivers\etc\hosts.backup Infected: Trojan.Win32.Qhost.my skipped

C:\WINDOWS\system32\drivers\ip6fw.sys Infected: Trojan-Downloader.Win32.Agent.acl skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\NeroCheck.exe Infected: Trojan.Win32.Patched.af skipped

C:\WINDOWS\system32\sulimo.dat Infected: not-virus:Hoax.Win32.Renos.lq skipped

C:\WINDOWS\system32\vtr.dll Infected: not-virus:Hoax.Win32.Renos.lq skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\temp\Perflib_Perfdata_20c.dat Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\WINDOWS\xlavra3.exe Infected: Trojan-Downloader.Win32.Agent.eao skipped

Scan process completed.

tashi
2007-10-22, 19:05
Hello.

I merged your two topics, did you miss our stickies?
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Copy and paste that information in your next post if the content will take no more than two posts to do so.
If the result of your anti-virus scan is extremely long, please do not post it, but rather inform your helper when posting the HJT log.

Copy/paste the HJT log only into a new topic, then I will close this one as helpers look for zero response.

Best regards.