Tech Support Forum - View Single Post - Need Help computer has major problems Please Advise

QueenDawn1 · 05-12-2008, 07:43 AM

KASPERSKY ONLINE SCANNER REPORT
Monday, May 12, 2008 10:38:41 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 12/05/2008
Kaspersky Anti-Virus database records: 760853

Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 317560
Number of viruses found 35
Number of infected objects 58
Number of suspicious objects 9
Duration of the scan process 02:49:37

Infected Object Name Virus Name Last Action
C:\Deckard\System Scanner\backup\DOCUME~1\Dawn\LOCALS~1\Temp\symlcsv1.exe Infected: IM-Worm.Win32.Pykse.l skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\482755b0870c2b6ca18bd22f5499552a_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4e2b5febbafec1e20240010f5c3bdfeb_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef0e9808b6a137b6847a3081b812f81_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\df8a276c7e50c46ad42316a86da427f0_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy2.zip/msexreg.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy2.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy5.zip/trkgif.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy5.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip/Yazzle1552OinUninstaller.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-05-11_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\45DB918B.TMP Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\551F769C.TMP Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped

C:\Documents and Settings\Dawn\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Dawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Dawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Dawn\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Dawn\Local Settings\temp\Av-test.txt Infected: EICAR-Test-File skipped

C:\Documents and Settings\Dawn\Local Settings\temp\Perflib_Perfdata_c44.dat Object is locked skipped

C:\Documents and Settings\Dawn\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Dawn\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Dawn\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Dawn\Shared\06 Track 6.wma Infected: Trojan-Downloader.WMA.Wimad.l skipped

C:\Documents and Settings\Dawn\Shared\07 Track 7.wma Infected: Trojan-Downloader.WMA.Wimad.l skipped

C:\Documents and Settings\Dawn\Shared\call from god.wm Infected: Trojan-Downloader.WMA.Wimad.m skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\My Games\Alice Greenfingers\AliceGreenfingers.exe Suspicious: Type_Win32 skipped

C:\My Games\Jane's Hotel\Jane's Hotel.exe Suspicious: Type_Win32 skipped

C:\My Games\SpongeBob SquarePants Collapse!\sbc.exe Suspicious: Type_Win32 skipped

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped

C:\Program Files\Hot Dish\jwfcplg.exe Infected: Net-Worm.Win32.Kolabc.er skipped

C:\Program Files\Symantec\Norton AntiVirus\AVApp.log Object is locked skipped

C:\Program Files\Symantec\Norton AntiVirus\AVError.log Object is locked skipped

C:\Program Files\Symantec\Norton AntiVirus\AVVirus.log Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325300.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325301.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325302.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325303.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325304.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325305.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325306.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0326300.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1047\A0344759.exe Infected: Backdoor.Win32.Mex.s skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1050\A0344832.sys Infected: Trojan-PSW.Win32.OnLineGames.abis skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1050\A0344833.sys Infected: Trojan-PSW.Win32.OnLineGames.abis skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1051\A0345860.dll Infected: Trojan-PSW.Win32.Agent.ahk skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1052\A0347014.sys Infected: Trojan-PSW.Win32.Agent.ahl skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1052\A0347025.dll Infected: Trojan-PSW.Win32.OnLineGames.aayo skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1053\A0347051.dll Infected: Trojan-PSW.Win32.OnLineGames.abne skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1064\A0349304.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1065\A0349350.exe Infected: not-a-virus:AdWare.Win32.WebHancer.423 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1065\A0349351.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1065\A0349352.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349359.dll Infected: Trojan.Win32.Monder.gen skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349360.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.quk skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349361.sys Infected: Rootkit.Win32.Agent.aii skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349362.sys Infected: Rootkit.Win32.Agent.aii skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349363.exe Infected: not-virus:Hoax.Win32.Renos.ccc skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349365.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.gb skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349365.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349369.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.quk skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349370.dll Infected: Trojan.Win32.Monder.db skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349375.dll Infected: Trojan.Win32.Monder.gen skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349377.exe Infected: not-virus:Hoax.Win32.Renos.ccc skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349413.exe Infected: Trojan-Downloader.Win32.Agent.oht skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.423 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe RarSFX: infected - 5 skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349418.dll Infected: Trojan.Win32.Monder.dd skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349419.dll Infected: Trojan.Win32.Monder.gen skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349421.dll Infected: Trojan.Win32.Monder.gen skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349424.dll Infected: Trojan.Win32.Monder.dc skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349425.dll Infected: Trojan.Win32.Monder.gen skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349427.dll Infected: Trojan.Win32.Monder.gen skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1072\change.log Object is locked skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP998\A0312333.rbf Infected: not-a-virus:FraudTool.Win32.AntiSpywareBot.k skipped

C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP998\A0312334.rbf Infected: not-a-virus:FraudTool.Win32.AntiSpywareBot.l skipped

C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Fonts\micross11.ttf Infected: Trojan.Win32.Agent.kmo skipped

C:\WINDOWS\Fonts\micross12.ttf Infected: Trojan.Win32.Agent.kmo skipped

C:\WINDOWS\Fonts\micross15.ttf Infected: Trojan.Win32.Agent.kmo skipped

C:\WINDOWS\Fonts\micross4.ttf Infected: Trojan-PSW.Win32.OnLineGames.zjk skipped

C:\WINDOWS\Fonts\micross6.ttf Infected: Trojan-PSW.Win32.OnLineGames.abiu skipped

C:\WINDOWS\Fonts\micross8.ttf Infected: Trojan.Win32.Agent.kmo skipped

C:\WINDOWS\Fonts\micross9.ttf Infected: Trojan.Win32.Agent.kmo skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{3FBEF1D5-594F-422A-8A13-9083FAB8D128}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{F0D750A8-9DD8-4BCB-9887-7EE0360348C1}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

05-12-2008, 07:43 AM	#21 (permalink)
QueenDawn1 Registered User Join Date: May 2008 Posts: 18 OS: xp	Re: Need Help computer has major problems Please Advise KASPERSKY ONLINE SCANNER REPORT Monday, May 12, 2008 10:38:41 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 12/05/2008 Kaspersky Anti-Virus database records: 760853 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ Scan Statistics Total number of scanned objects 317560 Number of viruses found 35 Number of infected objects 58 Number of suspicious objects 9 Duration of the scan process 02:49:37 Infected Object Name Virus Name Last Action C:\Deckard\System Scanner\backup\DOCUME~1\Dawn\LOCALS~1\Temp\symlcsv1.exe Infected: IM-Worm.Win32.Pykse.l skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\482755b0870c2b6ca18bd22f5499552a_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4e2b5febbafec1e20240010f5c3bdfeb_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef0e9808b6a137b6847a3081b812f81_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\df8a276c7e50c46ad42316a86da427f0_0b32d61c-5297-4a0d-bb47-b8e0de60ad6e Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy2.zip/msexreg.exe Suspicious: Password-protected-EXE skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy2.zip ZIP: suspicious - 1 skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy5.zip/trkgif.exe Suspicious: Password-protected-EXE skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy5.zip ZIP: suspicious - 1 skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip/Yazzle1552OinUninstaller.exe Suspicious: Password-protected-EXE skipped C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip ZIP: suspicious - 1 skipped C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-05-11_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\45DB918B.TMP Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\551F769C.TMP Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped C:\Documents and Settings\Dawn\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Dawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Dawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Dawn\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Dawn\Local Settings\temp\Av-test.txt Infected: EICAR-Test-File skipped C:\Documents and Settings\Dawn\Local Settings\temp\Perflib_Perfdata_c44.dat Object is locked skipped C:\Documents and Settings\Dawn\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Dawn\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Dawn\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Dawn\Shared\06 Track 6.wma Infected: Trojan-Downloader.WMA.Wimad.l skipped C:\Documents and Settings\Dawn\Shared\07 Track 7.wma Infected: Trojan-Downloader.WMA.Wimad.l skipped C:\Documents and Settings\Dawn\Shared\call from god.wm Infected: Trojan-Downloader.WMA.Wimad.m skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\My Games\Alice Greenfingers\AliceGreenfingers.exe Suspicious: Type_Win32 skipped C:\My Games\Jane's Hotel\Jane's Hotel.exe Suspicious: Type_Win32 skipped C:\My Games\SpongeBob SquarePants Collapse!\sbc.exe Suspicious: Type_Win32 skipped C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped C:\Program Files\Hot Dish\jwfcplg.exe Infected: Net-Worm.Win32.Kolabc.er skipped C:\Program Files\Symantec\Norton AntiVirus\AVApp.log Object is locked skipped C:\Program Files\Symantec\Norton AntiVirus\AVError.log Object is locked skipped C:\Program Files\Symantec\Norton AntiVirus\AVVirus.log Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325300.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325301.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325302.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325303.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325304.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325305.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0325306.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1021\A0326300.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1047\A0344759.exe Infected: Backdoor.Win32.Mex.s skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1050\A0344832.sys Infected: Trojan-PSW.Win32.OnLineGames.abis skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1050\A0344833.sys Infected: Trojan-PSW.Win32.OnLineGames.abis skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1051\A0345860.dll Infected: Trojan-PSW.Win32.Agent.ahk skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1052\A0347014.sys Infected: Trojan-PSW.Win32.Agent.ahl skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1052\A0347025.dll Infected: Trojan-PSW.Win32.OnLineGames.aayo skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1053\A0347051.dll Infected: Trojan-PSW.Win32.OnLineGames.abne skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1064\A0349304.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1065\A0349350.exe Infected: not-a-virus:AdWare.Win32.WebHancer.423 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1065\A0349351.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1065\A0349352.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349359.dll Infected: Trojan.Win32.Monder.gen skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349360.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.quk skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349361.sys Infected: Rootkit.Win32.Agent.aii skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349362.sys Infected: Rootkit.Win32.Agent.aii skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349363.exe Infected: not-virus:Hoax.Win32.Renos.ccc skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349365.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.gb skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349365.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349369.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.quk skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349370.dll Infected: Trojan.Win32.Monder.db skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349375.dll Infected: Trojan.Win32.Monder.gen skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1066\A0349377.exe Infected: not-virus:Hoax.Win32.Renos.ccc skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349413.exe Infected: Trojan-Downloader.Win32.Agent.oht skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.423 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349415.exe RarSFX: infected - 5 skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349418.dll Infected: Trojan.Win32.Monder.dd skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349419.dll Infected: Trojan.Win32.Monder.gen skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349421.dll Infected: Trojan.Win32.Monder.gen skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349424.dll Infected: Trojan.Win32.Monder.dc skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349425.dll Infected: Trojan.Win32.Monder.gen skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1067\A0349427.dll Infected: Trojan.Win32.Monder.gen skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP1072\change.log Object is locked skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP998\A0312333.rbf Infected: not-a-virus:FraudTool.Win32.AntiSpywareBot.k skipped C:\System Volume Information\_restore{B62C377D-015B-4860-A5B6-2180131C522E}\RP998\A0312334.rbf Infected: not-a-virus:FraudTool.Win32.AntiSpywareBot.l skipped C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Fonts\micross11.ttf Infected: Trojan.Win32.Agent.kmo skipped C:\WINDOWS\Fonts\micross12.ttf Infected: Trojan.Win32.Agent.kmo skipped C:\WINDOWS\Fonts\micross15.ttf Infected: Trojan.Win32.Agent.kmo skipped C:\WINDOWS\Fonts\micross4.ttf Infected: Trojan-PSW.Win32.OnLineGames.zjk skipped C:\WINDOWS\Fonts\micross6.ttf Infected: Trojan-PSW.Win32.OnLineGames.abiu skipped C:\WINDOWS\Fonts\micross8.ttf Infected: Trojan.Win32.Agent.kmo skipped C:\WINDOWS\Fonts\micross9.ttf Infected: Trojan.Win32.Agent.kmo skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{3FBEF1D5-594F-422A-8A13-9083FAB8D128}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{F0D750A8-9DD8-4BCB-9887-7EE0360348C1}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.