Trojan, Win32,

Nidoking138
2007-11-21, 03:51
Hi!

I've been running through Spybot, Vundofix, and SDFix for quite some time now on my friend's computer, trying to get his numerous viruses off of it, but I just can't seem to make his computer "clean". His computer is in OK condition but it needs some work.

Here are the HijackThis and Kaspersky Online Scanner logs.

-----------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:20:28 PM, on 11/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\jtneokqp.exe
C:\Program Files\Media Center Diagnostic Kit\Tests\Bin\ehMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2K1.EXE
C:\Program Files\Print Server\PTP\PSDiagnostic.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nonhtqpd.exe
C:\Program Files\Trend Micro\HijackThis\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: (no name) - {032ED5F0-69CA-4A3C-9DB1-EC36E3660FC0} - (no file)
O2 - BHO: (no name) - {0E9E2AF6-494E-4AA4-BC23-F51B6CCBA985} - (no file)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: (no name) - {200D0AAD-71B1-51C9-DDB0-092BA4662A54} - C:\Program Files\Mpuzuifz\icankabz.dll
O2 - BHO: (no name) - {20A47E7F-1638-4A5C-A531-C25A73EE9D21} - (no file)
O2 - BHO: (no name) - {31B03F1C-2C26-429C-893A-67B0283C28F3} - (no file)
O2 - BHO: (no name) - {351055D8-4E90-4E2A-8E6C-8A61BB325E0D} - (no file)
O2 - BHO: (no name) - {3727E53E-13CD-4EA4-AA8A-8D6F126526D5} - (no file)
O2 - BHO: (no name) - {3A55A51E-CC3E-48E4-BEFB-DA6C589338D7} - (no file)
O2 - BHO: (no name) - {3AFA1930-527F-4781-BC6E-2183B8A03E05} - C:\WINDOWS\system32\awvvt.dll (file missing)
O2 - BHO: (no name) - {3C4CA90C-8F9A-49DC-8A45-14E5344843C0} - (no file)
O2 - BHO: (no name) - {422FE6D5-098F-4A19-8C4D-81A602397461} - (no file)
O2 - BHO: (no name) - {47A33BB1-F1B1-41FD-9B4B-D5A833FCB9BD} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {634BBAB7-3F60-4426-944F-A62B9007F67F} - (no file)
O2 - BHO: (no name) - {641B128D-FE2F-41DE-BC04-4FD0D2900DFE} - (no file)
O2 - BHO: (no name) - {676FF501-77E2-4C81-8C04-C685628D9910} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {76B0A0A2-1AC8-4748-BF4F-6DDABCD7E084} - (no file)
O2 - BHO: (no name) - {7B645D91-3C69-41FA-8CB2-DD50546743CA} - (no file)
O2 - BHO: (no name) - {7F35D17B-FDF2-47F8-AF7A-1CBBEB2D8585} - (no file)
O2 - BHO: (no name) - {8628CE29-6C70-418F-AEBC-60ACDE89730E} - (no file)
O2 - BHO: (no name) - {8CBC80E6-0F81-4F28-A08B-FB523206B374} - (no file)
O2 - BHO: (no name) - {968B9E03-A8EA-4027-9F06-7B3DC933AAE4} - C:\WINDOWS\system32\mljgh.dll
O2 - BHO: (no name) - {9D63B51C-2126-4FDC-81D7-21DC7611DE3F} - (no file)
O2 - BHO: (no name) - {A6E432B4-D4C2-43B3-BF55-C364F8F7362A} - (no file)
O2 - BHO: (no name) - {ACAB217C-B315-4A7C-8617-6056ADCC0080} - (no file)
O2 - BHO: (no name) - {AE08180A-64BD-42E4-969B-64C020F95DBB} - (no file)
O2 - BHO: (no name) - {B2DCD963-66DB-4D7D-892C-3EE602865892} - C:\WINDOWS\system32\lgbiblwb.dll (file missing)
O2 - BHO: (no name) - {BDE3DC5D-61B9-4C1C-BD5F-39766B3D04CE} - (no file)
O2 - BHO: (no name) - {C14EC2EA-5C3C-48FB-8D13-84D619F605A4} - (no file)
O2 - BHO: (no name) - {C3A9146A-FA00-4B83-BFD3-8ECFEF11D3F9} - (no file)
O2 - BHO: (no name) - {C64E99B7-B69D-4C32-B44A-BD54DD31AB20} - (no file)
O2 - BHO: 0 - {C6FD0F6E-3E12-4D6A-81AD-2267C05CCEED} - C:\Program Files\Windows Plus\lavuj276.dll (file missing)
O2 - BHO: (no name) - {C9EE44D6-0800-4F2B-9676-AEC0E5F070C4} - (no file)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {D0CF448B-A375-4888-8777-70ED5D58EE7C} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {ea21e340-aa27-443f-9a5d-a751e3673564} - C:\WINDOWS\system32\pwbeyoe.dll
O2 - BHO: (no name) - {ED203331-9C33-49D8-8714-D24A366A04EC} - C:\WINDOWS\system32\jkkjifd.dll
O2 - BHO: (no name) - {F12F60A1-F4BC-4668-85ED-6620CDB5FE7D} - (no file)
O2 - BHO: (no name) - {F1F23B2D-EE6D-446B-920B-41E367936322} - (no file)
O2 - BHO: (no name) - {FE84B32E-F263-4A62-82A4-F0FA49FD3687} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX500] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2K1.EXE /P24 "EPSON Stylus Photo RX500" /O6 "USB001" /M "Stylus Photo RX500"
O4 - HKLM\..\Run: [PrintServer Diagnostic] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StrgSync.exe] C:\Program Files\StorageSync\StrgSync.exe -w
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [aca3c47c] rundll32.exe "C:\WINDOWS\system32\gteihomp.dll",b
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Myppu] "C:\Documents and Settings\tyderiumDS\My Documents\a?sembly\m?config.exe"
O4 - HKCU\..\Run: [Uaol] "C:\PROGRA~1\CURITY~1\javaw.exe" -vt yazb
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: GameSpot Download Manager.lnk.disabled
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145249507500
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195549144671
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL c:\windows\system32\ldcore.dll
O20 - Winlogon Notify: ddcyxwu - C:\WINDOWS\
O20 - Winlogon Notify: jkkjifd - C:\WINDOWS\SYSTEM32\jkkjifd.dll
O20 - Winlogon Notify: winwim32 - winwim32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: DNADownloader - CNET Networks - C:\Program Files\GameSpot\DownloadManager_Win32.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\jtneokqp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O24 - Desktop Component 0: (no name) - C:\Program Files\Windows Plus\profsywu.html

--
End of file - 11692 bytes

---------------------------

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, November 20, 2007 6:50:10 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 21/11/2007
Kaspersky Anti-Virus database records: 462483
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - Critical Areas:
C:\WINDOWS
C:\DOCUME~1\TYDERI~1\LOCALS~1\Temp\

Scan Statistics:
Total number of scanned objects: 22189
Number of viruses found: 13
Number of infected objects: 21
Number of suspicious objects: 1
Duration of the scan process: 00:18:34

Infected Object Name / Virus Name / Last Action
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{3B6F64BD-AA4A-4774-B29E-18D2FC9E264B}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\clxaypwi.exe Infected: Trojan.Win32.Agent.bck skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\D2\cabwbdll.exe Infected: not-a-virus:AdWare.Win32.Agent.co skipped
C:\WINDOWS\system32\dcpqucgs.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.aps skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd7069.sys Object is locked skipped
C:\WINDOWS\system32\drvhev.dll Infected: Trojan.Win32.Dialer.qn skipped
C:\WINDOWS\system32\eerfdisw.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\system32\f02WtR\f02WtR1065.exe Infected: Trojan-Downloader.Win32.VB.bgd skipped
C:\WINDOWS\system32\fhsmtffm.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\fibagbia\fibagbia2.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped
C:\WINDOWS\system32\fibagbia\fibagbia3.exe Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped
C:\WINDOWS\system32\gteihomp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.aps skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\jqjrdvvf.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\jtneokqp.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\kcghlskw.exe Infected: Trojan.Win32.Agent.bck skipped
C:\WINDOWS\system32\lrcqdqiy.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\Mz08r\Mz08r1099.exe Infected: Trojan-Downloader.Win32.VB.bqc skipped
C:\WINDOWS\system32\nonhtqpd.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\WINDOWS\system32\pavbmgwu.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\sfltkykw.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\vvgeowbv.exe Infected: not-virus:Hoax.Win32.Renos.kj skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wdtsmtsg.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\system32\ximuxivj.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\Temp\Perflib_Perfdata_330.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\DOCUME~1\TYDERI~1\LOCALS~1\Temp\JETB810.tmp Object is locked skipped
C:\DOCUME~1\TYDERI~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\K96BG1YR\deliver46860[1].htm Suspicious: Exploit.HTML.Mht skipped

Scan process completed.

Shaba
2007-11-22, 10:16
Hi Nidoking138

First we need to disable TeaTimer so that it doesn't interfere with fixes. You can re-enable it when you're clean again:

1. Run Spybot-S&D in Advanced Mode.
2. If it is not already set to do this, go to the Mode menu and select "Advanced Mode".
3. On the left-hand side, click on Tools.
4. Then click on the Resident icon in the list.
5. Uncheck "Resident TeaTimer" and OK any prompts.
6. Restart your computer.

1. Download ComboFix from one of these links and save it to the Desktop:
Link1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link2 (http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe)
2. Double-click combofix.exe and follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Post:

- a fresh HijackThis log
- the ComboFix report

Shaba
2007-11-29, 10:36
Due to the lack of feedback, this topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else, please begin a new topic.