Scan saved at 4:02:01 PM, on 5/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~2\pccguide.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\scanner.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [pccguide.exe] C:\PROGRA~1\TRENDM~1\INTERN~2\pccguide.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1163906523312
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/...mjolauncher.cab
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} (ZPA_DMNO Object) - http://zone.msn.com/...no.cab55579.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/...O1.cab50727.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/...xy.cab55579.cab
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (ZPA_Backgammon Object) - http://zone.msn.com/...on.cab55579.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live Mail desktop\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
KASPERSKY ONLINE SCANNER REPORT
Sunday, May 27, 2007 4:01:24 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 27/05/2007
Kaspersky Anti-Virus database records: 330593
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
N:\
O:\
P:\
Q:\
Scan Statistics:
Total number of scanned objects: 202002
Number of viruses found: 15
Number of infected objects: 112
Number of suspicious objects: 0
Duration of the scan process: 03:40:43
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\SecTaskMan\auvskivq.dll.q_804C034_q Infected: Trojan.Win32.BHO.o skipped
C:\Documents and Settings\All Users\Application Data\SecTaskMan\vbjoprge.dll.q_804C034_q Infected: Trojan.Win32.BHO.o skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Nash\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Nash\Desktop\backups\backup-20070515-063431-139.dll Infected: Trojan.Win32.BHO.o skipped
C:\Documents and Settings\Nash\Desktop\backups\backup-20070515-063431-769.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\Documents and Settings\Nash\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Nash\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Nash\Local Settings\Application Data\Microsoft\Windows Live Mail desktop\a71rambler@hotmail.com\On This Com feb\RecoveredMe 730\4ED21E95-0000001D.eml/[From "Rx_Pharmacy" <pillsale@mdshopnsvetoday.net>][Date Wed, 24 Jan 2007 04:26:49 -0700]/HUGE_RX_MEDICATION_SALE_PLEASE_CLICK_HERE.htm Infected: Trojan.JS.Redirector.b skipped
C:\Documents and Settings\Nash\Local Settings\Application Data\Microsoft\Windows Live Mail desktop\a71rambler@hotmail.com\On This Com feb\RecoveredMe 730\4ED21E95-0000001D.eml Mail: infected - 1 skipped
C:\Documents and Settings\Nash\Local Settings\Application Data\Microsoft\Windows Live Mail desktop\a71rambler@hotmail.com\On This Com feb\RecoveredMe 730\680B71F1-0000003E.eml/[From "Descrete-Med-Shop" <Pilsletodye@gesmstartmeds.net>][Date Mon, 29 Jan 2007 21:53:13 +0100]/UNNAMED/[From DON BERTHO <donbertho@yahoo.com>][Date Tue, 23 Jan 2007 00:11:48 -0800 (PST)]/HUGE_RX_MEDICATION_SALE_PLEASE_CLICK_HERE.htm Infected: Trojan.JS.Redirector.b skipped
C:\Documents and Settings\Nash\Local Settings\Application Data\Microsoft\Windows Live Mail desktop\a71rambler@hotmail.com\On This Com feb\RecoveredMe 730\680B71F1-0000003E.eml/[From "Descrete-Med-Shop" <Pilsletodye@gesmstartmeds.net>][Date Mon, 29 Jan 2007 21:53:13 +0100]/UNNAMED Infected: Trojan.JS.Redirector.b skipped
C:\Documents and Settings\Nash\Local Settings\Application Data\Microsoft\Windows Live Mail desktop\a71rambler@hotmail.com\On This Com feb\RecoveredMe 730\680B71F1-0000003E.eml Mail: infected - 2 skipped
C:\Documents and Settings\Nash\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Nash\Local Settings\Temp\RarSFX0\post ext sp6.exe/EXE-file/EXE-file/EXE-file/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
C:\Documents and Settings\Nash\Local Settings\Temp\RarSFX0\post ext sp6.exe/EXE-file/EXE-file/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
C:\Documents and Settings\Nash\Local Settings\Temp\RarSFX0\post ext sp6.exe/EXE-file/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
C:\Documents and Settings\Nash\Local Settings\Temp\RarSFX0\post ext sp6.exe/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
C:\Documents and Settings\Nash\Local Settings\Temp\RarSFX0\post ext sp6.exe Alloy: infected - 4 skipped
C:\Documents and Settings\Nash\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Nash\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Nash\My Documents\My Received Files\kf141.zip/keyfinder.exe/data.rar/xpkey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
C:\Documents and Settings\Nash\My Documents\My Received Files\kf141.zip/keyfinder.exe/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
C:\Documents and Settings\Nash\My Documents\My Received Files\kf141.zip/keyfinder.exe/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
C:\Documents and Settings\Nash\My Documents\My Received Files\kf141.zip/keyfinder.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped
C:\Documents and Settings\Nash\My Documents\My Received Files\kf141.zip ZIP: infected - 4 skipped
C:\Documents and Settings\Nash\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Nash\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Hijackthis\backups\backup-20070525-164621-543.dll Infected: Trojan.Win32.BHO.g skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2.tmp Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\36C.tmp Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\4.tmp Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6.tmp Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B5.tmp Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6DA.tmp Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\7.tmp Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\8.tmp Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\9.tmp Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\A.tmp Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C92.tmp Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\DDF.tmp Infected: Trojan.Win32.Agent.qt skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\DE0.tmp Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\DE3.tmp Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102291.exe/WISE0044.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102291.exe/WISE0044.BIN/stream Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102291.exe/WISE0044.BIN Infected: not-a-virus:AdWare.Win32.Softomate.j skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102291.exe WiseSFX: infected - 3 skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102291.exe WiseSFX Dropper: infected - 3 skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP738\A0102357.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP751\A0102424.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP761\A0102672.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP761\A0102675.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP762\A0102716.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP763\A0102815.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP763\A0102915.dll Infected: Trojan.Win32.Agent.qt skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP764\A0103002.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP764\A0104077.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jn skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP764\A0104078.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jn skipped
C:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP766\change.log Object is locked skipped
C:\VundoFix Backups\awvvt.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\VundoFix Backups\ddabc.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\VundoFix Backups\jkhff.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\VundoFix Backups\mljgd.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\VundoFix Backups\uqosbtgg.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\VundoFix Backups\winmxw32.dll.bad Infected: Trojan.Win32.Agent.qt skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\pw.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\ssttu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\xgslvkuy.dll Infected: Trojan.Win32.BHO.o skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\Data\Nash\emoicons\EmoPackV1.zip/Extract.exe/stream/data0101 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\EmoPackV1.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\EmoPackV1.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\EmoPackV1.zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV10.zip/Extract.exe/stream/data0101 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV10.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV10.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV10.zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV11.zip/Extract.exe/stream/data0101 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV11.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV11.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV11.zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV12.zip/Extract.exe/stream/data0098 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV12.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV12.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV12.zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV13.zip/Extract.exe/stream/data0098 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV13.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV13.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV13.zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV2.Zip/EmoPackV2.exe/stream/data0097 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV2.Zip/EmoPackV2.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV2.Zip/EmoPackV2.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV2.Zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV4.zip/Extract.exe/data0102 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV4.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV4.zip ZIP: infected - 2 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV5.zip/Extract.exe/stream/data0101 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV5.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV5.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV5.zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV6.zip/Extract.exe/stream/data0101 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV6.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV6.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV6.zip ZIP: infected - 3 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV7.zip/Extract.exe/data0102 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV7.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV7.zip ZIP: infected - 2 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV8.zip/Extract.exe/data0102 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV8.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV8.zip ZIP: infected - 2 skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV9.zip/Extract.exe/stream/data0101 Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV9.zip/Extract.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV9.zip/Extract.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
D:\Data\Nash\emoicons\MSN6.EmoPackV9.zip ZIP: infected - 3 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102300.exe/data.rar/post ext sp6.exe/EXE-file/EXE-file/EXE-file/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
D:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102300.exe/data.rar/post ext sp6.exe/EXE-file/EXE-file/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
D:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102300.exe/data.rar/post ext sp6.exe/EXE-file/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
D:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102300.exe/data.rar/post ext sp6.exe/EXE-file Infected: Backdoor.Win32.DSSdoor.b skipped
D:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102300.exe/data.rar/post ext sp6.exe Infected: Backdoor.Win32.DSSdoor.b skipped
D:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102300.exe/data.rar Infected: Backdoor.Win32.DSSdoor.b skipped
D:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP733\A0102300.exe RarSFX: infected - 6 skipped
E:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP757\A0102445.exe Infected: Trojan-Downloader.Win32.Small.ehb skipped
E:\System Volume Information\_restore{A021AF7D-1FCA-4875-9266-00C93705C542}\RP757\A0102448.exe Infected: Trojan-Downloader.Win32.Small.ehb skipped
K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.