Problem with search-daily.com Please Help
Everytime when I search something on google.com, it redirect the link to search-daily.com
Please help. Thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:07:02 PM, on 2/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\ADMINI~1.TU_\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis.zip\HijackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {ECEA6D5A-4F00-4908-B64F-C8AA2670FF8C} - C:\WINDOWS\system32\asycfil.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
--
End of file - 5545 bytes
The HJT log. Now i understand. Thanks for your help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:44:38 PM, on 2/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {ECEA6D5A-4F00-4908-B64F-C8AA2670FF8C} - C:\WINDOWS\system32\asycfil.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
--
End of file - 5505 bytes
The Kaspersky log report part 1
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, February 29, 2008 4:23:58 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 29/02/2008
Kaspersky Anti-Virus database records: 590811
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 75988
Number of viruses found: 22
Number of infected objects: 251
Number of suspicious objects: 0
Duration of the scan process: 01:17:17
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator.TU_DANG\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\History\History.IE5\MSHist012008022920080301\index.dat Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\Temp\Perflib_Perfdata_4c0.dat Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\Temporary Internet Files\Content.IE5\0I1ZU06B\in[1].htm Infected: Trojan-Downloader.JS.Zapchast.f skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\Local Settings\Temporary Internet Files\Content.IE5\KF736WPD\can1thuvip[1].com Infected: Trojan-Spy.Win32.SCKeyLog.au skipped
C:\Documents and Settings\Administrator.TU_DANG\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator.TU_DANG\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\117577AE.exe Infected: Trojan-Spy.Win32.SCKeyLog.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\25050AA1.exe Infected: Trojan-Spy.Win32.SCKeyLog.q skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61274830.tmp Infected: Backdoor.Win32.Agent.so skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\786B5F52.exe Infected: Trojan-Spy.Win32.SCKeyLog.q skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Program Files\AdvancedCleaner Free\ian_monitor.exe Infected: not-a-virus:Downloader.Win32.Agent.t skipped
C:\Program Files\AdvancedCleaner Free\UADC.exe Infected: not-a-virus:Downloader.Win32.WinFixer.bt skipped
C:\Program Files\AdvancedCleaner Free\UADCcw.exe Infected: not-a-virus:FraudTool.Win32.AdvancedCleaner.a skipped
C:\Program Files\Helper\turbosearchsite.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\L0000003.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Administrator\Data\storydb.idx Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0F9E3BEE.jpg Infected: Exploit.JS.ADODB.Stream.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2B3078E6 Infected: Trojan-Downloader.VBS.Psyme.ls skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2FE41D52.gif Infected: Exploit.JS.ADODB.Stream.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31760ABB/data0007 Infected: Trojan-Downloader.Win32.Zlob.fpw skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31760ABB NSIS: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31760ABB CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\351C790A Infected: Trojan-Downloader.Win32.Zlob.gjg skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\44802593 Infected: not-virus:Hoax.Win32.Renos.aon skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4AEC66B6 Infected: not-virus:Hoax.Win32.Renos.aoy skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4AF33AAF Infected: Trojan-Downloader.Win32.Zlob.iab skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4B823FDB.htm Infected: Trojan-Downloader.JS.Zapchast.f skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\58D467A3.jpg Infected: Exploit.JS.ADODB.Stream.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\63321175 Infected: Trojan-Downloader.Win32.Zlob.fqq skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\67844C67 Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\67887663 Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\78DC0E7E Infected: Exploit.JS.ADODB.Stream.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\797543D5 Infected: Exploit.JS.ADODB.Stream.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\797F41CA Infected: Exploit.JS.ADODB.Stream.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\79E07F66 Infected: Trojan-Downloader.Win32.Zlob.fqr skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7FD0003A Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\Program Files\Video Add-on\ictmdl.dll Infected: Trojan-Downloader.Win32.Zlob.idi skipped
C:\Program Files\Video Add-on\ictun.exe Infected: Trojan-Downloader.Win32.Zlob.gzo skipped
C:\Program Files\VirusProtect 3.9\VirusProtect 3.9.exe Infected: not-a-virus:FraudTool.Win32.VirusProtectPro.l skipped
C:\Program Files\Yahoo!\Messenger\logs\billing_Administrator.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\client_Administrator.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\network_Administrator.log Object is locked skipped
The Kaspersky log report part 2
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP755\A0109462.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP755\A0109463.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP755\A0109464.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109483.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109484.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109485.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109495.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109496.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109497.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109511.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109512.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP756\A0109513.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP757\A0109548.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP757\A0109549.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP757\A0109550.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP758\A0109574.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP758\A0109575.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP758\A0109576.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP759\A0109599.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP759\A0109600.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP759\A0109601.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP760\A0109619.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP760\A0109620.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP760\A0109621.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP761\A0109642.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP761\A0109643.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP761\A0109644.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP761\A0109655.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP761\A0109656.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP761\A0109657.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP762\A0109667.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP762\A0109668.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP762\A0109669.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP763\A0109682.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP763\A0109683.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP763\A0109684.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP763\A0110682.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP763\A0110683.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP763\A0110684.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP764\A0111682.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP764\A0111683.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP764\A0111684.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP764\A0111693.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP764\A0111694.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP764\A0111695.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP765\A0111709.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP765\A0111710.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP765\A0111711.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP766\A0111730.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP766\A0111731.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP766\A0111732.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0112730.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0112731.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0112732.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0112746.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0112747.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0112748.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0113747.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0113748.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP767\A0113749.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0114746.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0114747.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0114748.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0114758.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0114759.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0114760.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0115758.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0115759.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP768\A0115760.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0116758.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0116759.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0116760.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0116777.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0116778.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0116779.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0117777.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0117778.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0117779.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0118777.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0118778.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0118779.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0118794.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0118795.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP769\A0118796.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP770\A0118816.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP770\A0118817.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP770\A0118818.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP771\A0118840.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP771\A0118841.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP771\A0118842.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP772\A0118862.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP772\A0118863.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP772\A0118864.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP773\A0118890.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP773\A0118891.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP773\A0118892.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP774\A0119890.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP774\A0119891.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP774\A0119892.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0119912.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0119913.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0119914.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120610.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120616.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120618.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120627.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120628.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120629.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120642.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120643.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP775\A0120644.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP776\A0120663.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP776\A0120664.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP776\A0120665.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP777\A0120686.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP777\A0120687.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP777\A0120688.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP780\A0120787.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP780\A0120788.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP780\A0120789.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP780\A0120810.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP780\A0120811.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP780\A0120812.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP782\A0120830.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP782\A0120831.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
The Kaspersky log report part 3 (end of report)
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP782\A0120832.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120851.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120852.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120853.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120862.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120863.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120870.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120881.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120882.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120883.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120900.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120901.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP783\A0120902.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP784\A0120921.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP784\A0120922.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP784\A0120923.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP785\A0120958.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP785\A0120959.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP785\A0120960.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP786\A0120983.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP786\A0120984.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP786\A0120985.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP787\A0121001.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP787\A0121002.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP787\A0121003.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP789\A0121032.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP789\A0121033.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP789\A0121034.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP790\A0121050.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP790\A0121051.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP790\A0121052.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP790\A0121069.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP790\A0121070.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP790\A0121071.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0121095.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0121096.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0121097.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0121107.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0121108.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0121109.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0122107.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0122108.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0122109.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0122121.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0122122.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP791\A0122123.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP792\A0122142.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP792\A0122143.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP792\A0122144.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP793\A0122171.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP793\A0122172.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP793\A0122173.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP794\A0122187.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP794\A0122188.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP794\A0122189.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP794\A0122200.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP794\A0122201.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP794\A0122202.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP795\A0122217.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP795\A0122218.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP795\A0122219.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP796\A0122233.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP796\A0122234.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP796\A0122235.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP796\A0122245.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP796\A0122246.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP796\A0122247.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP797\A0122272.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP797\A0122273.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP797\A0122274.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122295.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122296.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122297.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122299.dll Infected: Trojan-Downloader.Win32.Zlob.gjg skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122300.exe Infected: Trojan-Downloader.Win32.Zlob.fqq skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122309.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122310.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122311.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122313.dll Infected: Trojan-Downloader.Win32.Zlob.gjg skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122314.exe Infected: Trojan-Downloader.Win32.Zlob.fqq skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122326.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122327.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122328.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122329.dll Infected: Trojan-Downloader.Win32.Zlob.gjg skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122331.exe Infected: Trojan-Downloader.Win32.Zlob.fqq skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122339.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP798\A0122340.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{2DB944E5-6F8F-4542-BB3B-06EF2863636F}\RP53\A0005577.dll Infected: Trojan-Downloader.Win32.Zlob.gjg skipped
C:\System Volume Information\_restore{2DB944E5-6F8F-4542-BB3B-06EF2863636F}\RP53\A0005578.exe Infected: Trojan-Downloader.Win32.Zlob.fqr skipped
C:\System Volume Information\_restore{2DB944E5-6F8F-4542-BB3B-06EF2863636F}\RP54\A0005591.dll Infected: Trojan.Win32.Pakes.cdw skipped
C:\System Volume Information\_restore{2DB944E5-6F8F-4542-BB3B-06EF2863636F}\RP57\A0005647.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{2DB944E5-6F8F-4542-BB3B-06EF2863636F}\RP57\A0005648.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{2DB944E5-6F8F-4542-BB3B-06EF2863636F}\RP57\A0005649.exe Infected: not-virus:Hoax.Win32.Fera.u skipped
C:\System Volume Information\_restore{2DB944E5-6F8F-4542-BB3B-06EF2863636F}\RP59\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\system32\config\sam Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\security Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.