Thread: Pop-ups, Hijackthis log file
View Single Post
Old 11-04-2007, 02:56 PM   #8 (permalink)
Bobby Smith
Registered User
 
Bobby Smith's Avatar
 
Join Date: Dec 2004
Posts: 35
OS: xp home


Re: Pop-ups, Hijackthis log file
Fresh Hijackthis log, Online Scan & ComboFix's log attached. Thanks!


ComboFix 07-11-04.1 - Owner 2007-11-05 11:28:53.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.230 [GMT -6:00]
Running from: C:\Documents and Settings\Owner.BOBBY\My Documents\Bobby's Documents\Tech Support Forum\ComboFix.exe
Command switches used :: C:\Documents and Settings\Owner.BOBBY\My Documents\Bobby's Documents\Tech Support Forum\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\nvchost.exe

.
((((((((((((((((((((((((( Files Created from 2007-10-05 to 2007-11-05 )))))))))))))))))))))))))))))))
.

2007-11-03 15:12 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-03 14:00 24,576 --a------ C:\temp\IadHide3.dll
2007-10-28 19:56 <DIR> d-------- C:\Deckard
2007-10-10 12:37 <DIR> d-------- C:\Program Files\ASIO4ALL v2
2007-10-09 15:31 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-07 13:28 <DIR> d-------- C:\Program Files\Native Instruments

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-05 02:48 --------- d-----w C:\Program Files\Quicken
2007-11-03 13:52 --------- d-----w C:\Program Files\LimeWire
2007-10-27 22:37 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-10-10 18:37 --------- d-----w C:\Program Files\Image-Line
2007-10-04 21:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-24 06:36 --------- d-----w C:\Documents and Settings\Owner.BOBBY\Application Data\Juce VST Host
2007-09-22 19:40 --------- d-----w C:\Program Files\Windows Live
2007-09-22 19:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2004-10-25 03:43 66 ----a-w C:\Documents and Settings\Owner.BOBBY\Application Data\tvmcwrd.dll
2004-10-24 00:35 226,266 ----a-w C:\Documents and Settings\Owner.BOBBY\Application Data\tvmknwrd.dll
2004-06-23 20:55 20,480 ----a-w C:\Program Files\ProcManager.exe
2004-10-21 05:57:15 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((( snapshot@2007-11-04_16.22.31.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-29 23:56:19 136,192 ----a-w C:\WINDOWS\catchme.exe
+ 2007-10-30 00:56:19 136,192 ----a-w C:\WINDOWS\catchme.exe
- 2007-08-17 23:03:19 54,280 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-11-04 22:28:18 54,280 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-08-17 23:03:19 384,596 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-11-04 22:28:18 384,596 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-07-22 23:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2007-07-23 00:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-10 05:06]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-09-17 18:04]
"Lock My PC"="C:\Program Files\LMPC3\lockpc.exe" [2006-05-26 10:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\xtras\mssysmgr.exe" [2003-12-03 08:42]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 12:49]

C:\Documents and Settings\Customers\Start Menu\Programs\Startup\
office depot.mpg [2004-01-22 13:14:28]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 00:05:26]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2003-09-16 14:19:24]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2003-12-13 14:28:04]
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2003-06-08 16:48:18]
PrintKey-Pro.lnk - C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe [2003-09-19 21:12:40]
Ulead Photo Express 3.0 SE Calendar Checker.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe [2005-10-05 19:31:34]

R1 Cinemsup;Cinemsup;C:\WINDOWS\system32\drivers\Cinemsup.sys
R1 ewido security suite driver;ewido security suite driver;\??\C:\Program Files\ewido\security suite\guard.sys
R3 DLKRTS;D-Link DFE-530TX+ PCI Adapter;C:\WINDOWS\system32\DRIVERS\DLKRTS.SYS
R3 GT680x;GrandTechICNameNT;C:\WINDOWS\system32\Drivers\gt680x.sys
R3 LMPC2;LMPC2;C:\WINDOWS\system32\drivers\LMPC2.sys
S3 ldiskl;ldiskl;\??\C:\DOCUME~1\OWNER~1.BOB\LOCALS~1\Temp\ldiskl.sys
S3 TBU11;Turtle Beach USB MIDI 1x1 Driver;C:\WINDOWS\system32\Drivers\tbu11.sys

.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-05 11:32:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-11-05 11:34:14
C:\ComboFix2.txt ... 2007-11-04 16:25
.
--- E O F ---


Logfile of HijackThis v1.99.1
Scan saved at 4:51:46 PM, on 11/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\LMPC3\lockpc.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\xtras\mssysmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lock My PC] C:\Program Files\LMPC3\lockpc.exe /s
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: PrintKey-Pro.lnk = C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://lowerlot.axiscam.net:9553/activex/AMC.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by101fd.bay101.hotmail.msn.co...x/HMAtchmt.ocx
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, November 05, 2007 4:50:32 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 4/11/2007
Kaspersky Anti-Virus database records: 451524
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\

Scan Statistics:
Total number of scanned objects: 152126
Number of viruses found: 36
Number of infected objects: 109
Number of suspicious objects: 0
Duration of the scan process: 01:58:17

Infected Object Name / Virus Name / Last Action
C:\Deckard\System Scanner\backup\WINDOWS\Downloaded Program Files\UWFX5LP_0001_0715NetInstaller.exe Infected: not-a-virus:Downloader.Win32.Agent.e skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Application Data\interMute\SpamSubtract\updates\badwords.re Object is locked skipped
C:\Documents and Settings\Owner\Application Data\interMute\SpamSubtract\updates\words.re Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config.cch Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Installer\{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}\ICO_ZoneDeluxeGamesManager.ico Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Installer\{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}\ICO__Collapse_Deluxe.exe Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Installer\{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}\ICO__Cubis_Deluxe.exe Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Installer\{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}\ICO__Mah_Jong_Tiles_Deluxe.exe Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Installer\{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}\ICO__TextTwist_Deluxe.exe Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Installer\{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}\ICO__Word_MoJo_Deluxe.exe Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\brndlog.bak Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\brndlog.txt Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Desktop.htt Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\RealOne Player.lnk Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Protect\CREDHIST Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Microsoft\Windows\Themes\Custom.theme Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Real\rnadmin\rnsystem.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Sonic\Update Manager\sumdb.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\deployment.properties Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Symantec\Shared\Options.VcPref Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Desktop\Register with Compaq.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Compaq's Internet Service Providers\America Online.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Compaq's Internet Service Providers\CompuServe.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Compaq's Internet Service Providers\Get High-Speed Internet.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\My Yahoo.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Best of the Web.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Briefcase.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Calendar.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Entertainment.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Finance.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Games.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Mail.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Music.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! News.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Personals.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Photos.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Shopping.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Sports.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Travel.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Compaq's Recommended Web Sites\Yahoo\Yahoo! Yellow Pages.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN CarPoint.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN Home.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN HomeAdvisor.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN Hotmail.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN Money.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN People & Chat.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN Shopping.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Financial Links\MSN Web Search.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Links\Customize Links.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Links\Free Hotmail.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Links\Windows Media.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Links\Windows.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\MSN.com.url Object is locked skipped
C:\Documents and Settings\Owner\Favorites\Radio Station Guide.url Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\ApplicationHistory\RegAsm.exe.11f1da13.ini Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Works\Portfolio\Sample.wsb Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\1033.MST Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\Java 2 Runtime Environment, SE v1.4.2_03.msi Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012004012620040127\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012004092720041004\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012004100420041005\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\jusched.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\pcf1.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\ml1.srt Object is locked skipped
C:\Documents and Settings\Owner\ml2.srt Object is locked skipped
C:\Documents and Settings\Owner\My Documents\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\My Documents\My Music\Desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\My Documents\My Music\Get More with Jukebox Plus.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\My Music\Sample Music.lnk Object is locked skipped
C:\Documents and Settings\Owner\My Documents\My Pictures\Desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\My Documents\My Pictures\Sample Pictures.lnk Object is locked skipped
C:\Documents and Settings\Owner\My Documents\My Videos\Desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\ntuser.ini Object is locked skipped
C:\Documents and Settings\Owner\Recent\3½ Floppy (A).lnk Object is locked skipped
C:\Documents and Settings\Owner\Recent\blocks.lnk Object is locked skipped
C:\Documents and Settings\Owner\Recent\Desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Recent\Finis.lnk Object is locked skipped
C:\Documents and Settings\Owner\Recent\msnfix (2).lnk Object is locked skipped
C:\Documents and Settings\Owner\Recent\msnfix.lnk Object is locked skipped
C:\Documents and Settings\Owner\Recent\msnfixjs (2).lnk Object is locked skipped
C:\Documents and Settings\Owner\Recent\msnfixjs.lnk Object is locked skipped
C:\Documents and Settings\Owner\Recent\NAR2.lnk Object is locked skipped
C:\Documents and Settings\Owner\SendTo\Compressed (zipped) Folder.ZFSendToTarget Object is locked skipped
C:\Documents and Settings\Owner\SendTo\Desktop (create shortcut).DeskLink Object is locked skipped
C:\Documents and Settings\Owner\SendTo\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\SendTo\Mail Recipient.MAPIMail Object is locked skipped
C:\Documents and Settings\Owner\SendTo\MUSICMATCH Burner Plus.lnk Object is locked skipped
C:\Documents and Settings\Owner\SendTo\My Documents.mydocs Object is locked skipped
C:\Documents and Settings\Owner\SendTo\RecordNow!.RecordNowSendToExt Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Accessibility\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Address Book.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Command Prompt.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Entertainment\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Entertainment\RealOne Player.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Notepad.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Synchronize.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Tour Windows XP.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\Windows Explorer.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Online Services\Easy Internet Sign-up.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\desktop.ini Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Zone.com Deluxe Games\Play Collapse! Deluxe.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Zone.com Deluxe Games\Play Cubis Deluxe.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Zone.com Deluxe Games\Play Mah Jong Tiles Deluxe.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Zone.com Deluxe Games\Play TextTwist Deluxe.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Zone.com Deluxe Games\Play Word MoJo Deluxe.lnk Object is locked skipped
C:\Documents and Settings\Owner\Start Menu\Programs\Zone.com Deluxe Games\Visit Zone.com Deluxe Games!.lnk Object is locked skipped
C:\Documents and Settings\Owner\tempdiff.txt Object is locked skipped
C:\Documents and Settings\Owner\Templates\amipro.sam Object is locked skipped
C:\Documents and Settings\Owner\Templates\excel.xls Object is locked skipped
C:\Documents and Settings\Owner\Templates\excel4.xls Object is locked skipped
C:\Documents and Settings\Owner\Templates\lotus.wk4 Object is locked skipped
C:\Documents and Settings\Owner\Templates\powerpnt.ppt Object is locked skipped
C:\Documents and Settings\Owner\Templates\presenta.shw Object is locked skipped
C:\Documents and Settings\Owner\Templates\quattro.wb2 Object is locked skipped
C:\Documents and Settings\Owner\Templates\sndrec.wav Object is locked skipped
C:\Documents and Settings\Owner\Templates\winword.doc Object is locked skipped
C:\Documents and Settings\Owner\Templates\winword2.doc Object is locked skipped
C:\Documents and Settings\Owner\Templates\wordpfct.wpd Object is locked skipped
C:\Documents and Settings\Owner\Templates\wordpfct.wpg Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-40822d38.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-40822d38.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-40822d38.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-40822d38.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68a78113-30f4dccb.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68a78113-30f4dccb.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68a78113-30f4dccb.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68a78113-30f4dccb.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-540c1c76-4067b059.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-540c1c76-4067b059.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-540c1c76-4067b059.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-5d29f7ed-52026c20.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-5d29f7ed-52026c20.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-5d29f7ed-52026c20.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-61fcb0a5-41babed0.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-61fcb0a5-41babed0.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-61fcb0a5-41babed0.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-61fcb0a5-41babed0.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv557.jar-23cd1d22-30b6c555.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv557.jar-23cd1d22-30b6c555.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv557.jar-23cd1d22-30b6c555.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\Owner.BOBBY\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv557.jar-23cd1d22-30b6c555.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner.BOBBY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Desktop\backups\backup-20050726-184927-316.dll Infected: not-a-virus:AdWare.Win32.Comet.e skipped
C:\Documents and Settings\Owner.BOBBY\Desktop\backups\backup-20050726-184928-521.dll Infected: not-a-virus:AdWare.Win32.Comet.e skipped
C:\Documents and Settings\Owner.BOBBY\Desktop\[4]-Submit_2007-11-05@11.28.zip/nvchost.exe Infected: Packed.Win32.Klone.j skipped
C:\Documents and Settings\Owner.BOBBY\Desktop\[4]-Submit_2007-11-05@11.28.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\0394ccd6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\0b2331d6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\0d42b0d6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\1bc6f4d6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\23a82af6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\24833106.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\25f48af6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\29be5ab6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\30d261f6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\3f4db1d6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\435c95b6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\4bf9a8f6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\4fb79af6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\52690ee6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\64a88ce6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\68baaaf6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\698175c6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\84c10ff6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\859c3af6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\8d7c66d6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\9721abf6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\99ca1af6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\a7a70536.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\ae9f9ea6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\b26acbd6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\b4a073d6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\bd879af6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\c8c1faf6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\c8d726e6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\d74acaf6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\e2d89356.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\ebf93af6.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\ef6bd166.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Temp\me_L Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Temp\me_oRYLv9o5cb0u0wp Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Temp\me_wmvK22GBldMRCka Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Temp\me_xwzHMAIZ99 Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\My Documents\My Music\Bobby Favorites\BSINSTALL.exe/WISE0026.BIN/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\Documents and Settings\Owner.BOBBY\My Documents\My Music\Bobby Favorites\BSINSTALL.exe/WISE0026.BIN Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\Documents and Settings\Owner.BOBBY\My Documents\My Music\Bobby Favorites\BSINSTALL.exe WiseSFX: infected - 2 skipped
C:\Documents and Settings\Owner.BOBBY\My Documents\My Music\Bobby Favorites\BSINSTALL.exe WiseSFX Dropper: infected - 2 skipped
C:\Documents and Settings\Owner.BOBBY\My Documents\My Music\My Downloads\Native.Instruments.Traktor.DJ.Studio.v3.1.3.incl.Keygen-AiR.zip/Native.Instruments.Traktor.DJ.Studio.v3.1.3.incl.Keygen-AiR/NI_TRAKTOR_DJ_STUDIO_KEYGEN.exe Infected: Trojan-Dropper.Win32.Delf.xo skipped
C:\Documents and Settings\Owner.BOBBY\My Documents\My Music\My Downloads\Native.Instruments.Traktor.DJ.Studio.v3.1.3.incl.Keygen-AiR.zip/Native.Instruments.Traktor.DJ.Studio.v3.1.3.incl.Keygen-AiR/setup.exe Infected: Trojan-Dropper.Win32.Delf.xo skipped
C:\Documents and Settings\Owner.BOBBY\My Documents\My Music\My Downloads\Native.Instruments.Traktor.DJ.Studio.v3.1.3.incl.Keygen-AiR.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Owner.BOBBY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner.BOBBY\ntuser.dat.LOG Object is locked skipped
C:\Downloads\RollerCoasterTycoon2-dm[1].exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped
C:\Program Files\e52wpldb\ujj4trfr.DLL Infected: not-a-virus:AdWare.Win32.ClearSearch.al skipped
C:\Program Files\Kodak\Kodak EasyShare software\Catalog\EasyShare.me Object is locked skipped
C:\Program Files\Kodak\Kodak EasyShare software\Catalog\EasyShare.mm Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\BWKDLogs\BWTargetInf.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\agent.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\busyprs.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\BWLocalWebListener.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\FileDL.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\L0000011.FCS Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\report.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\RG.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\scheddbg.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\MalwareWiped 6.9\MalwareWiped 6.9.exe Infected: not-a-virus:FraudTool.Win32.MalwareWipe.q skipped
C:\Program Files\Morpheus\morpheustoolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\Program Files\ProcManager.exe Infected: not-a-virus:RiskTool.Win32.PsKill.a skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\onljweo.dll.vir Infected: Trojan-Downloader.Win32.Agent.bkd skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP789\A0129313.exe Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP800\A0129712.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP800\A0129713.DLL Infected: not-a-virus:AdWare.Win32.MySearch.e skipped
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP800\A0129714.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.o skipped
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP808\A0130929.dll Infected: Trojan-Downloader.Win32.Agent.bkd skipped
C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP810\change.log Object is locked skipped
C:\WINDOWS\bundles\setup_silent_26221.exe/data0001.bin Infected: not-a-virus:AdWare.Win32.MDH.a skipped
C:\WINDOWS\bundles\setup_silent_26221.exe AWInstall: infected - 1 skipped
C:\WINDOWS\bundles\setup_silent_26221.exe UPX: infected - 1 skipped
C:\WINDOWS\bundles\shopinst.exe Infected: Trojan-Downloader.Win32.Small.wj skipped
C:\WINDOWS\bundles\traspec7.exe Infected: not-a-virus:AdWare.Win32.BetterInternet.aw skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX5LP_0001_0715NetInstaller.exe Infected: not-a-virus:Downloader.Win32.Agent.e skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWFX5LP_0001_0715NetInstaller.exe Infected: not-a-virus:Downloader.Win32.Agent.e skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWFX5LP_0001_0715NetInstaller.exe Infected: not-a-virus:Downloader.Win32.Agent.e skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UWFX5LP_0001_0715NetInstaller.exe Infected: not-a-virus:Downloader.Win32.Agent.e skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWFX5LP_0001_0715NetInstaller.exe Infected: not-a-virus:Downloader.Win32.Agent.e skipped
C:\WINDOWS\Downloaded Program Files\CONFLICT.6\UWFX5LP_0001_0715NetInstaller.exe Infected: not-a-virus:Downloader.Win32.Agent.e skipped
C:\WINDOWS\inst\3p_2.exe/WISE0001.BIN Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\WINDOWS\inst\3p_2.exe/WISE0007.BIN Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\WINDOWS\inst\3p_2.exe WiseSFX: infected - 2 skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\Cache\b2s-162813-fran.exe/data0003 Infected: not-a-virus:AdWare.Win32.Ilookup.b skipped
C:\WINDOWS\system32\Cache\b2s-162813-fran.exe NSIS: infected - 1 skipped
C:\WINDOWS\system32\Cache\BlazeVCM.exe/data0002 Infected: Trojan-Downloader.Win32.Envolo.b skipped
C:\WINDOWS\system32\Cache\BlazeVCM.exe/data0004 Infected: Trojan-Downloader.Win32.Envolo.c skipped
C:\WINDOWS\system32\Cache\BlazeVCM.exe NSIS: infected - 2 skipped
C:\WINDOWS\system32\Cache\pounder.exe/Stream/data0002 Infected: Backdoor.Win32.VB.aat skipped
C:\WINDOWS\system32\Cache\pounder.exe/Stream Infected: Backdoor.Win32.VB.aat skipped
C:\WINDOWS\system32\Cache\pounder.exe Inno: infected - 2 skipped
C:\WINDOWS\system32\Cache\shopinst.exe Infected: Trojan-Downloader.Win32.Small.wj skipped
C:\WINDOWS\system32\Cache\videoinst.exe Infected: Trojan-Downloader.Win32.Small.wj skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\ehlzeb.dll Infected: Trojan.Win32.Obfuscated.ev skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\hrcopul.dll Infected: Trojan-Downloader.Win32.Busky.s skipped
C:\WINDOWS\system32\kdrix.exe Infected: Trojan.Win32.DNSChanger.kx skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\qfyqakn.dll Infected: Trojan.Win32.Obfuscated.ev skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\ztysid.exe Infected: not-a-virus:AdWare.Win32.Adstart.i skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\woinstall.exe/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.EZula.ak skipped
C:\WINDOWS\woinstall.exe WiseSFX: infected - 1 skipped
D:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP810\change.log Object is locked skipped

Scan process completed.
Attached Files
File Type: txt hijackthislog 11-04-07.txt (5.6 KB, 1 views)
File Type: txt kaspersky-report.txt (80.6 KB, 2 views)
File Type: txt CFScriptlogfile 11-04-07.txt (5.4 KB, 2 views)
Last edited by sUBs; 11-04-2007 at 08:46 PM.
Bobby Smith is offline