PDA

View Full Version : Infected Computer... Please help... HJT Report



limacharlie145
2007-11-16, 03:43
Here is my HJT Log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:40:17 PM, on 11/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SecCenter\scprot4.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Program Files\TiVo\Desktop\TiVoNotify.exe
C:\Program Files\TiVo\Desktop\TiVoServer.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\TEMP\winDD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.shopping.hp.com/webapp/shopping/generic_subcategory.do?storeName=storefronts&landing=storefronts&category=esp_notebooks&subcat1=esp_notebooks&catLevel=2
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\vbqwllqw.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [notqfgzo] rundll32.exe "C:\Program Files\notqfgzo\xmzydgta.dll",Init
O4 - HKLM\..\Run: [lodqlqnw] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\lodqlqnw.dll"
O4 - HKLM\..\Run: [SC2] C:\Program Files\SecCenter\scprot4.exe
O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus
O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [vcravira] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\vcravira.dll"
O4 - HKLM\..\Run: [167801d6] rundll32.exe "C:\WINDOWS\system32\goytelqi.dll",b
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA4952] command /c del "C:\WINDOWS\system32\vbqwllqw.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6291] cmd /c del "C:\WINDOWS\system32\vbqwllqw.dllbox"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9139] command /c del "C:\WINDOWS\system32\vbqwllqw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9940] cmd /c del "C:\WINDOWS\system32\vbqwllqw.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1132] command /c del "C:\WINDOWS\system32\vbqwllqw.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8700] cmd /c del "C:\WINDOWS\system32\vbqwllqw.dll"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB2482] command /c del "C:\WINDOWS\system32\vbqwllqw.dllbox"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6205] cmd /c del "C:\WINDOWS\system32\vbqwllqw.dllbox"
O4 - HKCU\..\RunOnce: [SpybotDeletingB416] command /c del "C:\WINDOWS\system32\vbqwllqw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6646] cmd /c del "C:\WINDOWS\system32\vbqwllqw.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5635] command /c del "C:\WINDOWS\system32\vbqwllqw.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5857] cmd /c del "C:\WINDOWS\system32\vbqwllqw.dll"
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://ecourt.maricopa.gov/includes/ScriptX.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://mvnet.xlontech.net/qm/fox/06101102/qsp2ie06101001.cab
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe

--
End of file - 16574 bytes

limacharlie145
2007-11-16, 05:13
Thursday, November 15, 2007 2:29:37 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 15/11/2007
Kaspersky Anti-Virus database records: 459979


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 96297
Number of viruses found 19
Number of infected objects 36
Number of suspicious objects 4
Duration of the scan process 01:57:57

Infected Object Name Virus Name Last Action
C:\d0cebfc2ad6e1e9865\update\update.exe Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde1.zip/avp.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde1.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip/Yazzle1162OinUninstaller.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-11-15_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38615486.dll Infected: Trojan-Downloader.Win32.Zlob.axw skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3E634C47.dll Infected: not-virus:Hoax.Win32.Renos.fv skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A140633.exe/data0006 Infected: not-a-virus:FraudTool.Win32.VirusBurst.d skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A140633.exe NSIS: infected - 1 skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A140633.exe CryptFF: infected - 1 skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\75774B05.vir Infected: Trojan-Downloader.Win32.Zlob.bai skipped

C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp Object is locked skipped

C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\$_hpcst$.hpc Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\cert8.db Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\formhistory.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\history.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\key3.db Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\search.sqlite Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\urlclassifier2.sqlite Object is locked skipped

C:\Documents and Settings\Doug Weller\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped

C:\Documents and Settings\Doug Weller\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\Doug Weller\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbc2e.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbdam Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbdao Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbeam Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbeao Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbm Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbu2d.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbvm.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\dbvmh.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\fii.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\fiih.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\hp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\hpt2i.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\rpm.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\rpm1m.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\rpm1mh.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\rpmh.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-black-enchashm.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-black-enchashmh.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-black-urlm.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-black-urlmh.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-malware-domainm.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-malware-domainmh.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-white-domainm.cf1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Google\Google Desktop\70ed826eeed8\safeweb\goog-white-domainmh.ht1 Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Application Data\Mozilla\Firefox\Profiles\47ny0dqb.default\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic120.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic184.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic449.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic48C.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic5A6.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic83.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic84.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic85.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic87.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic88.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic89.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic8A.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic8B.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic8C.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic8D.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic94.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\tic9B.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticA2.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticB8.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticBC.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticBF.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticC1.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticCE.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticCF.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticD4.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticD5.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticD7.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticD8.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticDC.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticDD.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticDE.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticE3.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticE4.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticE5.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticE9.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\Free Download Manager\ticEA.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\gos2BE.tmp

limacharlie145
2007-11-16, 05:14
C:\Documents and Settings\Doug Weller\Local Settings\Temp\Perflib_Perfdata_cdc.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\WCESLog.log Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\win2C1.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\win2C1.exe NSIS: infected - 1 skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\~DF5983.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\~DFAD5E.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\Local Settings\Temp\~DFEC97.tmp Object is locked skipped

C:\Documents and Settings\Doug Weller\My Documents\Cracks\bloom_astraware_bejeweled_2_1.22.rar/keygen.exe Infected: Trojan-Downloader.Win32.Small.gpt skipped

C:\Documents and Settings\Doug Weller\My Documents\Cracks\bloom_astraware_bejeweled_2_1.22.rar/crack.exe Infected: Trojan.Win32.Dialer.qn skipped

C:\Documents and Settings\Doug Weller\My Documents\Cracks\bloom_astraware_bejeweled_2_1.22.rar RAR: infected - 2 skipped

C:\Documents and Settings\Doug Weller\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Doug Weller\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Doug Weller\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Temporary Internet Files\Content.IE5\C2M7TF3T\pochki20071106[1] Infected: Trojan.Win32.Obfuscated.kp skipped

C:\Documents and Settings\Doug Weller\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Doug Weller\Temporary Internet Files\Content.IE5\OK1SC3FN\hctp[2] Infected: not-a-virus:AdWare.Win32.Virtumonde.aps skipped

C:\Documents and Settings\Doug Weller\Temporary Internet Files\Content.IE5\OK1SC3FN\upd32_v14[1] Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\HighJackThis\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\HighJackThis\SmitfraudFix.zip ZIP: infected - 1 skipped

C:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0901NAV~.TMP Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0902NAV~.TMP Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP293\A0049297.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP294\A0049302.exe Infected: not-virus:Hoax.Win32.Renos.hx skipped

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP294\A0049325.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP294\A0049435.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.wi skipped

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP294\A0049437.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP294\A0049439.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped

C:\System Volume Information\_restore{3A579F61-82CF-4117-919A-DB7B394CD5BC}\RP294\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.b skipped

C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt Object is locked skipped

C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{0912B1B6-AFB6-441E-BFC6-ACC173F04D4C}.crmlog Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{45E34A80-6829-400A-96D2-1E7A2E3E8996}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\bmkjdrwg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.aps skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\fbnptheq.exe Infected: Trojan.Win32.Obfuscated.kp skipped

C:\WINDOWS\system32\goytelqi.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.aps skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\hggdbxu.dll Infected: Trojan-Downloader.Win32.Small.gpt skipped

C:\WINDOWS\system32\kgamvxkv.exe Infected: Trojan.Win32.Obfuscated.kp skipped

C:\WINDOWS\system32\khfeeed.dll Infected: Trojan-Downloader.Win32.Small.gpt skipped

C:\WINDOWS\system32\MsDtc\MSDTC.LOG Object is locked skipped

C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log Object is locked skipped

C:\WINDOWS\system32\msmq\storage\QMLog Object is locked skipped

C:\WINDOWS\system32\mugthggf.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped

C:\WINDOWS\system32\nckchxwm.dll Infected: Trojan.Win32.BHO.xe skipped

C:\WINDOWS\system32\vbqwllqw.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped

C:\WINDOWS\system32\vtstt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.apq skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\winbjv32.dll Infected: Trojan.Win32.Dialer.qn skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.