Welcome to GeekPolice!
HomeIm not sure whats up
- rbach5784
Novice
-
OS : Windows XP SP3
Posts : 7
Rubies : 2883
Likes : 0 
rbach5784 on 7th September 2009, 5:17 am
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:12:41 AM, on 9/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\sofatnet.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Application Layer Gateway] C:\Program Files\Common Files\alg.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [LDTray] C:\Program Files\Livescribe\Livescribe Desktop\LDTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-21-220523388-1364589140-839522115-1004\..\Run: [LDTray] C:\Program Files\Livescribe\Livescribe Desktop\LDTray.exe (User '?')
O4 - HKUS\S-1-5-21-220523388-1364589140-839522115-1004\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185323301234
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1185323294468
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: sofatnet Service (sofatnet) - Sigma Designs In - C:\WINDOWS\system32\sofatnet.exe
--
End of file - 6901 bytes
I hope you guys can help me
Scan saved at 1:12:41 AM, on 9/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\sofatnet.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Application Layer Gateway] C:\Program Files\Common Files\alg.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [LDTray] C:\Program Files\Livescribe\Livescribe Desktop\LDTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-21-220523388-1364589140-839522115-1004\..\Run: [LDTray] C:\Program Files\Livescribe\Livescribe Desktop\LDTray.exe (User '?')
O4 - HKUS\S-1-5-21-220523388-1364589140-839522115-1004\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185323301234
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1185323294468
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: sofatnet Service (sofatnet) - Sigma Designs In - C:\WINDOWS\system32\sofatnet.exe
--
End of file - 6901 bytes
I hope you guys can help me
- Belahzur
Site Admin
-
OS : 7 Home Premium x64
Posts : 34946
Rubies : 217929
Likes : 18 -
Belahzur on 7th September 2009, 8:58 pm
Hello.
Please download and run this tool.
Download Malwarebytes' Anti-Malware from Here
Double Click mbam-setup.exe to install the application.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Post the contents of the MBAM Log.
- Open HijackThis
- Choose "Do a system scan only"
- Check the boxes in front of these lines:
O23 - Service: sofatnet Service (sofatnet) - Sigma Designs In - C:\WINDOWS\system32\sofatnet.exe - Press "Fix Checked"
- Close Hijack This.
Please download and run this tool.
Download Malwarebytes' Anti-Malware from Here
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Post the contents of the MBAM Log.
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.
- rbach5784Novice
-
OS : Windows XP SP3
Posts : 7
Rubies : 2883
Likes : 0 -
rbach5784 on 7th September 2009, 9:21 pm
Im doing that scan right now after i did the hijack this fix and while i wait here is a log from AVG it seems this virus changes files when you try to remove it
AVG 8.5 Anti-Virus command line scanner
Copyright (c) 1992 - 2009 AVG Technologies
Program version 8.0.401, engine 8.0.408
Virus Database: Version 270.13.80/2349 2009-09-06
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\LocalService\NTUSER.DAT Locked file. Not tested.
C:\Documents and Settings\LocalService\ntuser.dat.LOG Locked file. Not tested.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\NetworkService\NTUSER.DAT Locked file. Not tested.
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db.shadow Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\Robbie\NTUSER.DAT Locked file. Not tested.
C:\Documents and Settings\Robbie\NTUSER.DAT.LOG Locked file. Not tested.
C:\pagefile.sys Locked file. Not tested.
C:\System Volume Information\MountPointManagerRemoteDatabase Locked file. Not tested.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000046.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000047.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000048.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000050.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000049.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000051.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000052.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000053.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000054.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000056.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000055.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000057.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000058.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000059.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000060.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000062.EXE Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000061.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000063.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000064.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000065.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000066.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000067.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000068.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000069.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000070.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000071.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000072.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000073.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000074.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000075.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000076.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000077.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000078.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000079.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000081.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000080.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000082.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000083.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000084.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000085.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000086.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000087.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000088.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000089.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000091.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000090.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000093.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000092.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000094.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000095.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000096.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000097.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000098.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000099.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000100.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000101.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000102.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000104.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000103.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000105.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000106.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000107.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000108.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000109.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000110.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000111.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000112.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000113.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000114.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000116.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000115.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000117.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000118.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000119.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000121.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000120.exe Virus found Win32/Heur Object was moved to Virus Vault.
AVG 8.5 Anti-Virus command line scanner
Copyright (c) 1992 - 2009 AVG Technologies
Program version 8.0.401, engine 8.0.408
Virus Database: Version 270.13.80/2349 2009-09-06
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\LocalService\NTUSER.DAT Locked file. Not tested.
C:\Documents and Settings\LocalService\ntuser.dat.LOG Locked file. Not tested.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\NetworkService\NTUSER.DAT Locked file. Not tested.
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db.shadow Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\Robbie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\Robbie\NTUSER.DAT Locked file. Not tested.
C:\Documents and Settings\Robbie\NTUSER.DAT.LOG Locked file. Not tested.
C:\pagefile.sys Locked file. Not tested.
C:\System Volume Information\MountPointManagerRemoteDatabase Locked file. Not tested.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000046.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000047.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000048.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000050.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000049.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000051.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000052.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000053.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000054.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000056.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000055.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000057.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000058.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000059.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000060.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000062.EXE Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000061.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000063.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000064.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000065.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000066.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000067.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000068.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000069.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000070.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000071.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000072.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000073.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000074.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000075.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000076.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000077.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000078.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000079.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000081.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000080.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000082.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000083.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000084.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000085.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000086.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000087.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000088.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000089.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000091.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000090.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000093.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000092.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000094.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000095.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000096.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000097.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000098.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000099.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000100.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000101.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000102.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000104.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000103.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000105.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000106.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000107.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000108.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000109.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000110.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000111.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000112.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000113.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000114.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000116.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000115.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000117.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000118.scr Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000119.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000121.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000120.exe Virus found Win32/Heur Object was moved to Virus Vault.
- rbach5784Novice
-
OS : Windows XP SP3
Posts : 7
Rubies : 2883
Likes : 0 -
rbach5784 on 7th September 2009, 9:22 pm
More
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000120.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000122.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000123.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000124.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000126.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000125.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000128.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000127.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000129.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000130.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000131.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000132.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000133.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000134.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000135.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000136.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000137.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000138.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000140.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000139.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000141.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000142.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000143.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000144.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000145.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000146.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000147.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000148.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000149.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000150.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000151.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000153.EXE Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000152.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000154.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000155.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000156.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000158.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000157.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000159.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000160.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000161.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000162.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000163.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\WINDOWS\isvchost.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\WINDOWS\system32\chkdsk.exe Virus found Win32/Heur
C:\WINDOWS\system32\config\default Locked file. Not tested.
C:\WINDOWS\system32\config\default.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\SAM Locked file. Not tested.
C:\WINDOWS\system32\config\SAM.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\SECURITY Locked file. Not tested.
C:\WINDOWS\system32\config\SECURITY.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\software Locked file. Not tested.
C:\WINDOWS\system32\config\software.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\system Locked file. Not tested.
C:\WINDOWS\system32\config\system.LOG Locked file. Not tested.
C:\WINDOWS\system32\drivers\sptd.sys Locked file. Not tested.
C:\WINDOWS\system32\find.exe Virus found Win32/Heur
C:\WINDOWS\system32\grpconv.exe Virus found Win32/Heur
C:\WINDOWS\system32\help.exe Virus found Win32/Heur
C:\WINDOWS\system32\mpnotify.exe Virus found Win32/Heur
C:\WINDOWS\system32\msiexec.exe Virus found Win32/Heur
D:\System Volume Information\MountPointManagerRemoteDatabase Locked file. Not tested.
------------------------------------------------------------
Objects scanned : 236756
Found infections : 125
Found PUPs : 0
Healed infections : 119
Healed PUPs : 0
Warnings : 0
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000120.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000122.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000123.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000124.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000126.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000125.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000128.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000127.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000129.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000130.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000131.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000132.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000133.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000134.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000135.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000136.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000137.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000138.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000140.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000139.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000141.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000142.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000143.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000144.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000145.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000146.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000147.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000148.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000149.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000150.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000151.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000153.EXE Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000152.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000154.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000155.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000156.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000158.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000157.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000159.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000160.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000161.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000162.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\System Volume Information\_restore{3153D03F-3DD8-4304-9471-2A8F31BB5FA1}\RP1\A0000163.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\WINDOWS\isvchost.exe Virus found Win32/Heur Object was moved to Virus Vault.
C:\WINDOWS\system32\chkdsk.exe Virus found Win32/Heur
C:\WINDOWS\system32\config\default Locked file. Not tested.
C:\WINDOWS\system32\config\default.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\SAM Locked file. Not tested.
C:\WINDOWS\system32\config\SAM.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\SECURITY Locked file. Not tested.
C:\WINDOWS\system32\config\SECURITY.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\software Locked file. Not tested.
C:\WINDOWS\system32\config\software.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\system Locked file. Not tested.
C:\WINDOWS\system32\config\system.LOG Locked file. Not tested.
C:\WINDOWS\system32\drivers\sptd.sys Locked file. Not tested.
C:\WINDOWS\system32\find.exe Virus found Win32/Heur
C:\WINDOWS\system32\grpconv.exe Virus found Win32/Heur
C:\WINDOWS\system32\help.exe Virus found Win32/Heur
C:\WINDOWS\system32\mpnotify.exe Virus found Win32/Heur
C:\WINDOWS\system32\msiexec.exe Virus found Win32/Heur
D:\System Volume Information\MountPointManagerRemoteDatabase Locked file. Not tested.
------------------------------------------------------------
Objects scanned : 236756
Found infections : 125
Found PUPs : 0
Healed infections : 119
Healed PUPs : 0
Warnings : 0
- BelahzurSite Admin
-
OS : 7 Home Premium x64
Posts : 34946
Rubies : 217929
Likes : 18 -
Belahzur on 7th September 2009, 11:09 pm
I'm afraid I have bad news.
Your system is infected with a polymorphic file infector called Virut. Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. As of now, security experts suggest that a format and clean install, or destructive recovery if you have an OEM recovery partition, is the best way to clean the infection and it is the best and safest way to return the machine to its normal working state.
Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (softwares) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.
Also, avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.
Recent variants also modify htm, html, asp and php files.
Do not back up to another machine, as it may become compromised. Burn to DVD/CD, or to an external drive which has nothing else on it, and which you can format should it happen to become infected from the backups.
For more information, please see Here
Instructions how to format and reinstall Windows can be found Here
Your system is infected with a polymorphic file infector called Virut. Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. As of now, security experts suggest that a format and clean install, or destructive recovery if you have an OEM recovery partition, is the best way to clean the infection and it is the best and safest way to return the machine to its normal working state.
Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (softwares) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.
Also, avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.
Recent variants also modify htm, html, asp and php files.
Do not back up to another machine, as it may become compromised. Burn to DVD/CD, or to an external drive which has nothing else on it, and which you can format should it happen to become infected from the backups.
For more information, please see Here
Instructions how to format and reinstall Windows can be found Here
Site Admin / Security Administrator
[Prework] - Please PM me if I fail to respond within 24hrs.
Similar topics
Create an account or log in to leave a reply
You need to be a member in order to leave a reply.
Page 1 of 1
Permissions in this forum:
You can reply to topics in this forum
