All done.
Logfile of HijackThis v1.99.1
Scan saved at 7:17:03 PM, on 6/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\htpatch.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\PrintScreen\PrintScreen.exe
C:\WINDOWS\system32\sistray.exe
D:\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "D:\PrintScreen\PrintScreen.exe" /nosplash
O4 - Startup: Stardock ObjectDock.lnk = D:\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: E-Color.lnk = C:\Program Files\E-Color\Common\IconMgr.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Easy-WebPrint Add To Print List -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WBSrv - D:\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Kaspersky Results
KASPERSKY ONLINE SCANNER REPORT
Friday, June 22, 2007 7:15:14 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 23/06/2007
Kaspersky Anti-Virus database records: 351188
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 36601
Number of viruses found: 16
Number of infected objects: 95 / 0
Number of suspicious objects: 0
Duration of the scan process: 00:20:25
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\ntuser.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\Program Files\Hijackthis\backups\backup-20070622-184305-398.dll Infected: not-a-virus:AdWare.Win32.Agent.db skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP36\A0010211.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP36\A0010243.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP36\A0010270.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP37\A0010298.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP38\A0010373.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP38\A0010395.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP38\A0010464.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP39\A0010471.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP39\A0010506.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP39\A0010567.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP39\A0010612.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP40\A0010616.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP40\A0010663.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP40\A0010716.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP40\A0010748.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP41\A0010782.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP41\A0010832.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP41\A0010846.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP42\A0010864.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP42\A0010895.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP42\A0010930.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP43\A0010955.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP43\A0011000.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP43\A0011037.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP43\A0011073.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP44\A0011093.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP44\A0011139.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0011626.exe Infected: Backdoor.Win32.VB.kb skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0012636.exe/Stream/data0002 Infected: not-a-virus:Downloader.Win32.WinFixer.t skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0012636.exe/Stream Infected: not-a-virus:Downloader.Win32.WinFixer.t skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0012636.exe Inno: infected - 2 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0012646.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0014695.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.fk skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0014695.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0016679.dll Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0017735.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.fk skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0017735.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0018750.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP48\A0020046.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020099.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.fk skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020099.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/1/EnigmaUpdater.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/2/esgi_md5h.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/7/SpyHunter.exe Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/17/Esgiutl1.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/18/SHSched.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe/PRE Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe Ghost Installer: infected - 6 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020216.exe UPX: infected - 6 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020221.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020222.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.r skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020223.exe Infected: not-a-virus:Downloader.Win32.WinFixer.t skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020224.exe Infected: not-a-virus:Downloader.Win32.WinFixer.o skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020225.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020226.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020227.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020228.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020234.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020264.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.r skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020481.dll Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0020492.exe Infected: not-a-virus:Downloader.Win32.WinFixer.x skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0021635.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP49\A0021641.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022721.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022722.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022757.dll Infected: not-a-virus:AdWare.Win32.Agent.db skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022768.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022769.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022770.dll Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022771.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/1/EnigmaUpdater.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/2/esgi_md5h.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/7/SpyHunter.exe Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/17/Esgiutl1.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe/PRE/data/{65145FC9-DEA0-4738-A4FE-376C2BA51806}/18/SHSched.dll Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe/PRE Infected: not-a-virus:FraudTool.Win32.SpyHunter.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe Ghost Installer: infected - 6 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022788.exe UPX: infected - 6 skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022789.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022801.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022806.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022807.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022808.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022809.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022812.dll Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022815.dll Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022818.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022826.exe Infected: not-a-virus:Downloader.Win32.WinFixer.x skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\A0022830.exe Infected: Trojan-Downloader.Win32.VB.aya skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\change.log Object is locked skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\cbxyvwu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\GExjds6N.exe Infected: Backdoor.Win32.VB.kb skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\pmnnm.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_49c.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\xmlhelper.dll Infected: not-a-virus:AdWare.Win32.Agent.db skipped
D:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP50\change.log Object is locked skipped
Scan process completed.