08-07-2007, 02:05 PM   #13
andrew.bennett
OS: Win XP


Re: Problems with Trojan: Win32/Virtumonde.0

Here is the scan from that:


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, August 07, 2007 4:02:52 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 7/08/2007
Kaspersky Anti-Virus database records: 376885
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 37947
Number of viruses found: 8
Number of infected objects: 27
Number of suspicious objects: 0
Duration of the scan process: 00:29:52

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-08022007-165610.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\A3475FB4.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\bY001[1].exe/data0002/data0002 Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\bY001[1].exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\bY001[1].exe/data0006 Infected: Trojan-Downloader.Win32.Small.eqn skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\bY001[1].exe/data0007 Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\bY001[1].exe/data0008 Infected: not-a-virus:AdWare.Win32.Agent.co skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\bY001[1].exe/data0009 Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\bY001[1].exe NSIS: infected - 6 skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\MailRoom\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\cert8.db Object is locked skipped
C:\Documents and Settings\MailRoom\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\MailRoom\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\history.dat Object is locked skipped
C:\Documents and Settings\MailRoom\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\key3.db Object is locked skipped
C:\Documents and Settings\MailRoom\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\parent.lock Object is locked skipped
C:\Documents and Settings\MailRoom\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\search.sqlite Object is locked skipped
C:\Documents and Settings\MailRoom\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\MailRoom\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{369750A5-94C4-4955-8285-2DBA30011B27} Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Application Data\Mozilla\Firefox\Profiles\76g1zrer.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\History\History.IE5\MSHist012007080720070808\index.dat Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Temp\JETCB28.tmp Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Temp\JETD053.tmp Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Temp\JETE789.tmp Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Temp\JETFFF3.tmp Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Temp\~DF8565.tmp Object is locked skipped
C:\Documents and Settings\MailRoom\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\MailRoom\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\MailRoom\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5L5ZPQHC\bY001[1].exe/data0002/data0002 Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5L5ZPQHC\bY001[1].exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5L5ZPQHC\bY001[1].exe/data0006 Infected: Trojan-Downloader.Win32.Small.eqn skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5L5ZPQHC\bY001[1].exe/data0007 Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5L5ZPQHC\bY001[1].exe/data0008 Infected: not-a-virus:AdWare.Win32.Agent.co skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5L5ZPQHC\bY001[1].exe/data0009 Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5L5ZPQHC\bY001[1].exe NSIS: infected - 6 skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAD.dat Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWADMT.dat Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.dat Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.ldb Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\System\SYSTEM.ldb Object is locked skipped
C:\Program Files\Common Files\System\SYSTEM.MDW Object is locked skipped
C:\Program Files\Norton 360\Log\AutoProtect.log Object is locked skipped
C:\Program Files\Norton 360\Log\AVContext.log Object is locked skipped
C:\Program Files\Norton 360\Log\AVManual.log Object is locked skipped
C:\Program Files\Norton 360\Log\Backup.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUInternetPageViewHistory.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUInternetSearchHistory.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUInternetTempFiles.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUWindowsTempFiles.log Object is locked skipped
C:\Program Files\Norton 360\Log\EmailScan.log Object is locked skipped
C:\Program Files\Norton 360\Log\InternetSecurity.log Object is locked skipped
C:\Program Files\Norton 360\Log\ISIntrusionPrevented.log Object is locked skipped
C:\Program Files\Norton 360\Log\ISIOTraffic.log Object is locked skipped
C:\Program Files\Norton 360\Log\ISNewNetwork.log Object is locked skipped
C:\Program Files\Norton 360\Log\LiveUpdate.log Object is locked skipped
C:\Program Files\Norton 360\Log\NCO.log Object is locked skipped
C:\Program Files\Norton 360\Log\VABrowserSettings.log Object is locked skipped
C:\Program Files\Norton 360\Log\VAIPAddresses.log Object is locked skipped
C:\Program Files\Norton 360\Log\VAWeakPasswords.log Object is locked skipped
C:\Program Files\Norton 360\Log\WDFScanner.log Object is locked skipped
C:\QooBox\Quarantine\C\Program Files\Internet Explorer\meqocan4444.dll.vir Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\QooBox\Quarantine\C\WINDOWS\lprgmuwA.exe.vir Infected: Trojan-Downloader.Win32.VB.ang skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\byxyxxv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cbxxwtr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jkkjghh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ljjiheb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\muxxdvdt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.la skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vtuurpo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\X9\wb720.exe.vir Infected: not-a-virus:AdWare.Win32.Agent.co skipped
C:\QooBox\Quarantine\C\WINDOWS\TTC-4444.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\QooBox\Quarantine\C\WINDOWS\TTC-4444.exe.vir NSIS: infected - 1 skipped
C:\QooBox\Quarantine\catchme2007-08-07_133647.12.zip/tuvwvww.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\catchme2007-08-07_133647.12.zip ZIP: infected - 1 skipped
C:\UPS\RCSS\RCSSMain.ldb Object is locked skipped
C:\UPS\RCSS\RCSSMain.mdb Object is locked skipped
C:\UPS\UOWS\FOSS\FOSS11.log Object is locked skipped
C:\UPS\UOWS\RateData\RateEdit.ldb Object is locked skipped
C:\UPS\UOWS\RateData\RateEdit.mdb Object is locked skipped
C:\UPS\UOWS\SYSLOG\upslnkmgr\log\UPSLinkMgrTrace.txt Object is locked skipped
C:\UPS\UOWS\upsdb.ldb Object is locked skipped
C:\UPS\UOWS\upsdb.mdb Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\SPOOL\PRINTERS\FP00001.SHD Object is locked skipped
C:\WINDOWS\SYSTEM32\SPOOL\PRINTERS\FP00001.SPL Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\temp\JET538E.tmp Object is locked skipped
C:\WINDOWS\temp\JET54B6.tmp Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.