here are the files... those were 4 long hours.... (remember that i`m running vista on D:\ not C! if that matters...))
hijack logsLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:43:29, on 11.04.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
D:\Windows\system32\taskeng.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\Windows Defender\MSASCui.exe
D:\Windows\RtHDVCpl.exe
D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
D:\Program Files\Scroll Mouse\MouseElf.exe
D:\Program Files\AVG\AVG8\avgtray.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\Scroll Mouse\EMouse.exe
D:\Program Files\YPOPs\YPOPs.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
D:\Program Files\Internet Explorer\ieuser.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Windows\system32\taskeng.exe
D:\Program Files\Azureus\Azureus.exe
D:\Windows\system32\SearchFilterHost.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE D:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] D:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [mouseElf] D:\PROGRA~1\SCROLL~1\MouseElf.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: YPOPs.lnk = ?
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: Append to existing PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - D:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
--
End of file - 7794 bytes
kaspersky online report-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, April 11, 2008 11:38:52 PM
Operating System: Microsoft Windows Vista Professional, (Build 6000)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 11/04/2008
Kaspersky Anti-Virus database records: 698130
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 335131
Number of viruses found: 9
Number of infected objects: 34
Number of suspicious objects: 0
Duration of the scan process: 03:16:18
Infected Object Name / Virus Name / Last Action
C:\Boot\BCD Object is locked skipped
C:\Boot\BCD.LOG Object is locked skipped
C:\boot.ini Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\Myth\Local Settings\Temp\hsperfdata_Myth\1160 Object is locked skipped
C:\Documents and Settings\Myth\Local Settings\Temp\NERO13390\Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\NTDETECT.COM Object is locked skipped
C:\ntldr Object is locked skipped
C:\pagefile.sys Object is locked skipped
C:\Program Files\Adobe\Adobe Device Central CS3\AMT\AUMProduct.cer Object is locked skipped
C:\Program Files\Azureus\.install4j\installation.log Object is locked skipped
C:\Program Files\Common Files\SWF Studio\FileSys.dll Object is locked skipped
C:\Program Files\Common Files\SWF Studio\SysInfo.dll Object is locked skipped
C:\Program Files\ESET\infected\DHY0W4CA.NQF Infected: not-a-virus:AdWare.Win32.SaveNow.bv skipped
C:\Program Files\InstallShield Installation Information\{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}\Setup.ilg Object is locked skipped
C:\Program Files\Mozilla Firefox\uninstall\uninstall.update Object is locked skipped
C:\WINDOWS\Debug\UserMode\userenv.log Object is locked skipped
C:\WINDOWS\diagerr.xml Object is locked skipped
C:\WINDOWS\diagwrn.xml Object is locked skipped
C:\WINDOWS\Minidump\Mini033008-01.dmp Object is locked skipped
C:\WINDOWS\Minidump\Mini033008-02.dmp Object is locked skipped
C:\WINDOWS\repair\autoexec.nt Object is locked skipped
C:\WINDOWS\repair\config.nt Object is locked skipped
C:\WINDOWS\repair\default Object is locked skipped
C:\WINDOWS\repair\ntuser.dat Object is locked skipped
C:\WINDOWS\repair\sam Object is locked skipped
C:\WINDOWS\repair\secsetup.inf Object is locked skipped
C:\WINDOWS\repair\security Object is locked skipped
C:\WINDOWS\repair\setup.log Object is locked skipped
C:\WINDOWS\repair\software Object is locked skipped
C:\WINDOWS\repair\system Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.sav Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.sav Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\system.sav Object is locked skipped
C:\WINDOWS\system32\config\TempKey.LOG Object is locked skipped
C:\WINDOWS\system32\config\userdiff Object is locked skipped
C:\WINDOWS\system32\config\userdiff.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wpa.bak Object is locked skipped
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job Object is locked skipped
C:\WINDOWS\Tasks\MP Scheduled Scan.job Object is locked skipped
D:\Program Files\Adobe\Adobe Device Central CS3\AMT\AUMProduct.cer Object is locked skipped
D:\ProgramData\avg8\AvgAm\avgam.lck Object is locked skipped
D:\ProgramData\avg8\emc\Log\emc.log Object is locked skipped
D:\ProgramData\avg8\Log\avgam.log Object is locked skipped
D:\ProgramData\avg8\Log\avgcore.log Object is locked skipped
D:\ProgramData\avg8\Log\avglng.log Object is locked skipped
D:\ProgramData\avg8\Log\avgns.log Object is locked skipped
D:\ProgramData\avg8\Log\avgrs.log Object is locked skipped
D:\ProgramData\avg8\Log\avgsched.log Object is locked skipped
D:\ProgramData\avg8\Log\avgui.log Object is locked skipped
D:\ProgramData\avg8\Log\avgwd.log Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\UsrClass.dat{841400c4-ff46-11dc-81f7-0019dba55ccf}.TM.blf Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\UsrClass.dat{841400c4-ff46-11dc-81f7-0019dba55ccf}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows\UsrClass.dat{841400c4-ff46-11dc-81f7-0019dba55ccf}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows Defender\FileTracker\{56F1C3A9-CCB4-4A33-A016-D6955A4DAF86} Object is locked skipped
D:\Users\Myth\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped
D:\Users\Myth\AppData\Local\Mozilla\Firefox\Profiles\t4hj1qeh.default\Cache\_CACHE_001_ Object is locked skipped
D:\Users\Myth\AppData\Local\Mozilla\Firefox\Profiles\t4hj1qeh.default\Cache\_CACHE_002_ Object is locked skipped
D:\Users\Myth\AppData\Local\Mozilla\Firefox\Profiles\t4hj1qeh.default\Cache\_CACHE_003_ Object is locked skipped
D:\Users\Myth\AppData\Local\Mozilla\Firefox\Profiles\t4hj1qeh.default\Cache\_CACHE_MAP_ Object is locked skipped
D:\Users\Myth\AppData\Local\Temp\FXSAPIDebugLogFile.txt Object is locked skipped
D:\Users\Myth\AppData\Local\VirtualStore\Program Files\YPOPs\ypops.log Object is locked skipped
D:\Users\Myth\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
D:\Users\Myth\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat Object is locked skipped
D:\Users\Myth\AppData\Roaming\Mozilla\Firefox\Profiles\t4hj1qeh.default\cert8.db Object is locked skipped
D:\Users\Myth\AppData\Roaming\Mozilla\Firefox\Profiles\t4hj1qeh.default\formhistory.dat Object is locked skipped
D:\Users\Myth\AppData\Roaming\Mozilla\Firefox\Profiles\t4hj1qeh.default\history.dat Object is locked skipped
D:\Users\Myth\AppData\Roaming\Mozilla\Firefox\Profiles\t4hj1qeh.default\key3.db Object is locked skipped
D:\Users\Myth\AppData\Roaming\Mozilla\Firefox\Profiles\t4hj1qeh.default\parent.lock Object is locked skipped
D:\Users\Myth\AppData\Roaming\Mozilla\Firefox\Profiles\t4hj1qeh.default\search.sqlite Object is locked skipped
D:\Users\Myth\AppData\Roaming\Mozilla\Firefox\Profiles\t4hj1qeh.default\urlclassifier2.sqlite Object is locked skipped
D:\Users\Myth\NTUSER.DAT Object is locked skipped
D:\Users\Myth\ntuser.dat.LOG1 Object is locked skipped
D:\Users\Myth\ntuser.dat.LOG2 Object is locked skipped
D:\Users\Myth\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf Object is locked skipped
D:\Users\Myth\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
D:\Users\Myth\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
D:\Windows\Debug\PASSWD.LOG Object is locked skipped
D:\Windows\Debug\sam.log Object is locked skipped
D:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
D:\Windows\Logs\CBS\CBS.log Object is locked skipped
D:\Windows\Logs\DPX\setupact.log Object is locked skipped
D:\Windows\Logs\DPX\setuperr.log Object is locked skipped
D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped
D:\Windows\Panther\UnattendGC\diagerr.xml Object is locked skipped
D:\Windows\Panther\UnattendGC\diagwrn.xml Object is locked skipped
D:\Windows\Panther\UnattendGC\setupact.log Object is locked skipped
D:\Windows\Panther\UnattendGC\setuperr.log Object is locked skipped
D:\Windows\security\database\secedit.sdb Object is locked skipped
D:\Windows\SoftwareDistribution\EventCache\{7F0E0B68-8ABE-4F6E-AB16-3A6B2599C884}.bin Object is locked skipped
D:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
D:\Windows\System32\catroot2\edb.log Object is locked skipped
D:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
D:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
D:\Windows\System32\config\COMPONENTS Object is locked skipped
D:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
D:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
D:\Windows\System32\config\DEFAULT Object is locked skipped
D:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
D:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
D:\Windows\System32\config\SAM Object is locked skipped
D:\Windows\System32\config\SAM.LOG1 Object is locked skipped
D:\Windows\System32\config\SAM.LOG2 Object is locked skipped
D:\Windows\System32\config\SECURITY Object is locked skipped
D:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
D:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
D:\Windows\System32\config\SOFTWARE Object is locked skipped
D:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
D:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
D:\Windows\System32\config\SYSTEM Object is locked skipped
D:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
D:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
D:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
D:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
D:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped
D:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
D:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
D:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
D:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
D:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000003.regtrans-ms Object is locked skipped
D:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000004.regtrans-ms Object is locked skipped
D:\Windows\System32\drivers\sptd.sys Object is locked skipped
D:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
D:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
D:\Windows\System32\restore\MachineGuid.txt Object is locked skipped
D:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
D:\Windows\System32\wbem\AutoRecover\9B2AE30BDA2ED3E7E1378B8770C99C54.mof Object is locked skipped
D:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
D:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped
D:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
D:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
D:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
D:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\Setup.evtx Object is locked skipped
D:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
D:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
D:\Windows\WindowsUpdate.log Object is locked skipped
D:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd Object is locked skipped
G:\H\$BadClus Object is locked skipped
G:\H\$UpCase Object is locked skipped
G:\old D\Bit Comet Downloads\mp3finder.exe/data0011 Infected: not-a-virus:AdWare.Win32.Relevant.a skipped
G:\old D\Bit Comet Downloads\mp3finder.exe Inno: infected - 1 skipped
G:\old D\kit\kit new\passsword\ca_setup.exe/WISE0017.BIN Infected: not-a-virus:PSWTool.Win32.Cain.288 skipped
G:\old D\kit\kit new\passsword\ca_setup.exe/WISE0023.BIN Infected: not-a-virus:PSWTool.Win32.Cain.284 skipped
G:\old D\kit\kit new\passsword\ca_setup.exe/WISE0025.BIN Infected: not-a-virus:PSWTool.Win32.Cain.284 skipped
G:\old D\kit\kit new\passsword\ca_setup.exe WiseSFX: infected - 3 skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1\LsaExtRelease\LsaExt.dll Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1\PwDumpRelease\LsaExt.dll Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1\PwDumpRelease\pwservice.exe Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1\PwserviceRelease\LsaExt.dll Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1\PwserviceRelease\pwservice.exe Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1.zip/LsaExtRelease/LsaExt.dll Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1.zip/PwDumpRelease/LsaExt.dll Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1.zip/PwDumpRelease/pwservice.exe Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1.zip/PwserviceRelease/LsaExt.dll Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1.zip/PwserviceRelease/pwservice.exe Infected: not-a-virus:PSWTool.Win32.PWDump.d skipped
G:\old D\kit\kit new\passsword\pwdump6-1.4.1.zip ZIP: infected - 5 skipped
G:\old D\kit\kit new\passsword\rainbowcrack-1.2-win.zip/rainbowcrack-1.2-win/rcrack.exe Infected: not-a-virus:PSWTool.Win32.Rainbow.12.a skipped
G:\old D\kit\kit new\passsword\rainbowcrack-1.2-win.zip/rainbowcrack-1.2-win/rtdump.exe Infected: not-a-virus:PSWTool.Win32.Rainbow.12.a skipped
G:\old D\kit\kit new\passsword\rainbowcrack-1.2-win.zip/rainbowcrack-1.2-win/rtgen.exe Infected: not-a-virus:PSWTool.Win32.Rainbow.12.a skipped
G:\old D\kit\kit new\passsword\rainbowcrack-1.2-win.zip/rainbowcrack-1.2-win/rtsort.exe Infected: not-a-virus:PSWTool.Win32.Rainbow.12.a skipped
G:\old D\kit\kit new\passsword\rainbowcrack-1.2-win.zip ZIP: infected - 4 skipped
G:\old D\old desktop\Fundamente\Fundamente\Laborator1\OvariantaMaiBuna\PROBL12L.EXE Infected: Virus.DOS.Tupas.j skipped
G:\old D\old desktop\Fundamente.zip/Fundamente/Laborator1/OvariantaMaiBuna/PROBL12L.EXE Infected: Virus.DOS.Tupas.j skipped
G:\old D\old desktop\Fundamente.zip ZIP: infected - 1 skipped
G:\old D\old desktop\mirc631.exe/stream/data0001/stream/data0014 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\old D\old desktop\mirc631.exe/stream/data0001/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\old D\old desktop\mirc631.exe/stream/data0001 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\old D\old desktop\mirc631.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\old D\old desktop\mirc631.exe NSIS: infected - 4 skipped
G:\stick2\an1\Mate_Info\Alg_Mate_Info.rar/Alg_Mate_Info/Ex_Pas/FIBO.EXE Infected: Virus.DOS.Tupas.j skipped
G:\stick2\an1\Mate_Info\Alg_Mate_Info.rar RAR: infected - 1 skipped
Scan process completed.