Computer is slow and cant shut down normally . .

coolio_4000

It seems like it cannot shut down by clicking start>turn off computer

I have to hit control alt delete and shut down that way.

HIJACK this log. .. .

appreciate any help!

Logfile of HijackThis v1.99.1
Scan saved at 1:45:41 PM, on 3/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\vVX6000.exe
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SYMBIA~1.EXE
C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SCBAL.exe
C:\PROGRA~1\Intuwave\Shared\MROUTE~1\MROUTE~2.EXE
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Documents and Settings\Navid\Desktop\hd\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ptec/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ptec/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKCU\..\Run: [SpySweeper] "D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1161020853843
O16 - DPF: {68459DB3-59C9-449D-815B-65F729385C16} (VoiceSecure Control) - http://www.voice4web.com/vs.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161020848656
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

Veka

Hi Coolio and welcome to Icrontic.

There is no malwares present in the log.

However, I'd like you to do a system scan and check the boxes next to the entries listed below:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O16 - DPF: {68459DB3-59C9-449D-815B-65F729385C16} (VoiceSecure Control) - http://www.voice4web.com/vs.cab

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

==================================================

After that, please do an online scan with Kaspersky WebScanner

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
  
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  • Extended (if available otherwise Standard)
  • Scan Options:
  • Scan Archives
    Scan Mail Bases
• Click OK
• Now under select a target to scan:
  • Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button:
• Save the file to your desktop.
• Copy and paste that information in your next post.

coolio_4000

---

KASPERSKY ONLINE SCANNER REPORT
Saturday, March 29, 2008 11:45:36 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 30/03/2008
Kaspersky Anti-Virus database records: 672744

---

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 188633
Number of viruses found: 24
Number of infected objects: 91
Number of suspicious objects: 6
Duration of the scan process: 02:26:35

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80000.VBN/javautil.zip Infected: Backdoor.Win32.Dumador.cx skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80000.VBN ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80000.VBN CryptZ: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80001.VBN/javautil.zip Infected: Backdoor.Win32.Dumador.cx skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80001.VBN ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80001.VBN CryptZ: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.aqe skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN/stream Infected: Trojan-Downloader.Win32.Zlob.aqe skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN NSIS: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN UPX: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN CryptZ: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A900000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C380000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D380000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D4C0000.VBN Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D4C0001.VBN Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DE00000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DE80000.VBN Infected: Trojan-Dropper.Win32.VB.lu skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E000000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Aim\xlzpbxmg\persianprincexx\cert8.db Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Aim\xlzpbxmg\persianprincexx\key3.db Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\cert8.db Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\history.dat Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\key3.db Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\parent.lock Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DiSCOM_log.txt Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DM_log.txt Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\HookStarter_log.txt Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\InMSCOM_log.txt Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\SpecificSCOM_log.txt Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\SpecificUSB_log.txt Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\22\10453ed6-2a931a45/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\22\10453ed6-2a931a45 ZIP: infected - 1 skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-7a66219c/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-7a66219c ZIP: infected - 1 skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-3ad601a5-165a36c1.zip/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-3ad601a5-165a36c1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-53250d63.zip/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-53250d63.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Navid\Application Data\Webroot\Spy Sweeper\Logs\SpySweeperLog.txt Object is locked skipped
C:\Documents and Settings\Navid\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Navid\keaa.txt Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\History\History.IE5\MSHist012008032920080330\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Temp\hsperfdata_Navid\2252 Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Temp\~DF2C2A.tmp Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Temp\~DFD9C2.tmp Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Navid\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Navid\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\NoLopBackups\1c2a1f.exe.060.infected Infected: Packed.Win32.PolyCrypt.d skipped
C:\NoLopBackups\Cool User.exe.01.infected Infected: Trojan-Downloader.Win32.Swizzor.fg skipped
C:\NoLopBackups\Dmkeflkc.exe.01921.infected Infected: not-a-virus:AdWare.Win32.Lop.bb skipped
C:\NoLopBackups\Dvd Dead.exe.01922.infected Infected: Packed.Win32.PolyCrypt.d skipped
C:\NoLopBackups\Programitch.exe.01920.infected Infected: not-a-virus:AdWare.Win32.Lop.bb skipped
C:\NoLopBackups\Sta3e.exe.01437.infected Infected: Packed.Win32.PolyCrypt.d skipped
C:\NoLopBackups\Third Pop Poll.exe.01923.infected Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP41\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\yaaayv.dll Infected: Trojan.Win32.Agent.agv skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys\6d2d00b38bbb51065358327978f98481_68c8d5b6-89fa-41f8-9a19-b7c29a5433ec Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a3065fa80db2b4863228093014a6e87_68c8d5b6-89fa-41f8-9a19-b7c29a5433ec Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf0b4a78344c016c320bfc2cb395c6a8_68c8d5b6-89fa-41f8-9a19-b7c29a5433ec Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AllInOneTelcom.zip/stmtdlr.exe Suspicious: Password-protected-EXE skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AllInOneTelcom.zip ZIP: suspicious - 1 skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip/optimize.exe Suspicious: Password-protected-EXE skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip ZIP: suspicious - 1 skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer6.zip/optimize.exe Suspicious: Password-protected-EXE skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer6.zip ZIP: suspicious - 1 skipped
D:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-6b9dccb7-5887ea5e.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
D:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-6b9dccb7-5887ea5e.zip ZIP: infected - 1 skipped
D:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
D:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
D:\Documents and Settings\Navid\Desktop\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.agt skipped
D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe/stream Infected: Trojan-Downloader.Win32.Zlob.agt skipped
D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe NSIS: infected - 2 skipped
D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe UPX: infected - 2 skipped
D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP41\change.log Object is locked skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0002377.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0002406.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0002486.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0003515.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0004515.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004523.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004554.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004602.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004619.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe/stream Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe NSIS: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe/stream Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe NSIS: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe/stream Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe NSIS: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004732.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004744.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004779.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004796.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004808.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004826.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005848.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005878.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005906.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005928.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005966.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007728.exe Infected: Backdoor.Win32.Small.dc skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007729.exe Infected: Trojan-PSW.Win32.Sagic.h skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007730.exe Infected: Virus.Win32.Bube.b skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007731.scr Infected: Trojan-PSW.Win32.Sagic.h skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007732.scr Infected: Trojan-PSW.Win32.Sagic.h skipped
D:\WINDOWS\$NtUninstallKB824141$\sysmain.sdb Object is locked skipped
D:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
D:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\catsrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\colbact.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comadmin.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comrepl.exe Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comuid.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\es.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\migregdb.exe Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\ole32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\rpcss.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\txflog.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\browser.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\callcont.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\gdi32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\h323.tsp Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\h323msp.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\mf3216.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\msasn1.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\msgina.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\mst120.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\netapi32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\nmcom.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\schannel.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\dao360.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\expsrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msexch40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjet40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjint40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjter40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msltus40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msrd2x40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msrd3x40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mstext40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mswdat10.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mswstr10.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\vbajet32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\dxmasf.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\httpod51.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\sfcfiles.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.inf Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\ssinc51.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ314862$\qmgr.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.inf Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\netsetup.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.inf Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\ssdpapi.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\ssdpsrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\upnp.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00003 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00005 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00008 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00009 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00010 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00011 Object is locked skipped
D:\WINDOWS\$NtUninstallQ328940$\reg00003 Object is locked skipped
D:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx Object is locked skipped
D:\WINDOWS\$NtUninstallQ828026$\wmp.dll Object is locked skipped
D:\WINDOWS\Downloaded Program Files\cssweb.dll Infected: not-a-virus:AdWare.Win32.CSSWeb.b skipped
D:\WINDOWS\system32\f3PSSavr.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
D:\WINDOWS\system32\gah95on6.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao skipped
D:\WINDOWS\win32.bmp Infected: Trojan-Clicker.JS.gen skipped

Scan process completed.

Veka

Hi Coolio, someting there.

Please download to your desktop

• ATF Cleaner
• Malwarebytes' Anti-Malware

Step 1:

Run ATF Cleaner

• Double-click ATF-Cleaner.exe to run the program
• Under Main choose: Select All
• Click the Empty Selected button

If you use Firefox browser

• Click Firefox at the top and choose: Select All
• Click the Empty Selected button
• NOTE: If you would like to keep your saved passwords, please click No at the prompt

If you use Opera browser

• Click Opera at the top and choose: Select All
• Click the Empty Selected button
• NOTE: If you would like to keep your saved passwords, please click No at the prompt

Click Exit on the Main menu to close the program


Step 2:

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

coolio_4000

Malwarebytes' Anti-Malware 1.09
Database version: 572

Scan type: Quick Scan
Objects scanned: 30311
Time elapsed: 4 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Veka

That didn't remove all, so please download OTMoveIT2

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it.
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  

  C:\NoLopBackups
  C:\WINDOWS\yaaayv.dll
  D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe
  D:\WINDOWS\Downloaded Program Files\cssweb.dll
  D:\WINDOWS\system32\f3PSSavr.scr
  D:\WINDOWS\system32\gah95on6.ini
  D:\WINDOWS\win32.bmp
  

• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light blue bar) and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

================================================
Do you know what are these and are they important?

C:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll
C:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll
D:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll
D:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll

================================================

After OTMoveIt2, please re-scan your system with Kaspersky

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
  
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  • Extended (if available otherwise Standard)
  • Scan Options:
  • Scan Archives
    Scan Mail Bases
• Click OK
• Now under select a target to scan:
  • Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button:
• Save the file to your desktop.
• Copy and paste that information in your next post.

coolio_4000

C:\NoLopBackups moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\yaaayv.dll
C:\WINDOWS\yaaayv.dll NOT unregistered.
C:\WINDOWS\yaaayv.dll moved successfully.
< D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe >
D:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe moved successfully.
D:\WINDOWS\Downloaded Program Files\cssweb.dll unregistered successfully.
D:\WINDOWS\Downloaded Program Files\cssweb.dll moved successfully.
D:\WINDOWS\system32\f3PSSavr.scr moved successfully.
D:\WINDOWS\system32\gah95on6.ini moved successfully.
D:\WINDOWS\win32.bmp moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.0 log created on 04022008_233247

---

Do you know what are these and are they important?

C:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll
C:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll
D:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll
D:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll



^^^^^^^^^no idea what those files are

---

KASPERSKY ONLINE SCANNER REPORT
Thursday, April 03, 2008 5:59:52 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 3/04/2008
Kaspersky Anti-Virus database records: 679269

---

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 189206
Number of viruses found: 27
Number of infected objects: 105
Number of suspicious objects: 6
Duration of the scan process: 03:15:16

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80000.VBN/javautil.zip Infected: Backdoor.Win32.Dumador.cx skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80000.VBN ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80000.VBN CryptZ: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80001.VBN/javautil.zip Infected: Backdoor.Win32.Dumador.cx skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80001.VBN ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01D80001.VBN CryptZ: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.aqe skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN/stream Infected: Trojan-Downloader.Win32.Zlob.aqe skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN NSIS: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN UPX: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07640000.VBN CryptZ: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A900000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C380000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D380000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D4C0000.VBN Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D4C0001.VBN Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580000.VBN/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.pq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580000.VBN/stream/data0007 Infected: Trojan-Downloader.Win32.Zlob.pq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580000.VBN/stream Infected: Trojan-Downloader.Win32.Zlob.pq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580000.VBN NSIS: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580000.VBN UPX: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580000.VBN PE_Patch.UPX: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580000.VBN CryptZ: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580001.VBN Infected: Trojan-Downloader.Win32.Zlob.xf skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580002.VBN Infected: Trojan-Downloader.Win32.Zlob.xf skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D580003.VBN Infected: not-virus:Hoax.Win32.Renos.fh skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DE00000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DE80000.VBN Infected: Trojan-Dropper.Win32.VB.lu skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E000000.VBN Infected: Trojan.Win32.Inject.au skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\cert8.db Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\history.dat Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\key3.db Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\parent.lock Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Mozilla\Firefox\Profiles\chd8go2t.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\22\10453ed6-2a931a45/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\22\10453ed6-2a931a45 ZIP: infected - 1 skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-7a66219c/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\6.0\47\bd7ce2f-7a66219c ZIP: infected - 1 skipped
C:\Documents and Settings\Navid\Application Data\Webroot\Spy Sweeper\Logs\SpySweeperLog.txt Object is locked skipped
C:\Documents and Settings\Navid\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\History\History.IE5\MSHist012008033120080401\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\History\History.IE5\MSHist012008040120080402\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\History\History.IE5\MSHist012008040220080403\index.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Temp\~DF582C.tmp Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Navid\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Navid\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.agt skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe/stream Infected: Trojan-Downloader.Win32.Zlob.agt skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe NSIS: infected - 2 skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe UPX: infected - 2 skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\Documents and Settings\Navid\Local Settings\Temporary Internet Files\Content.IE5\H3NNHH0E\intcodec-v6.541[1].exe PE_Patch.UPX: infected - 2 skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\NoLopBackups\1c2a1f.exe.060.infected Infected: Packed.Win32.PolyCrypt.d skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\NoLopBackups\Cool User.exe.01.infected Infected: Trojan-Downloader.Win32.Swizzor.fg skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\NoLopBackups\Dmkeflkc.exe.01921.infected Infected: not-a-virus:AdWare.Win32.Lop.bb skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\NoLopBackups\Dvd Dead.exe.01922.infected Infected: Packed.Win32.PolyCrypt.d skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\NoLopBackups\Programitch.exe.01920.infected Infected: not-a-virus:AdWare.Win32.Lop.bb skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\NoLopBackups\Sta3e.exe.01437.infected Infected: Packed.Win32.PolyCrypt.d skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\NoLopBackups\Third Pop Poll.exe.01923.infected Infected: Trojan.Win32.Obfuscated.en skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\WINDOWS\Downloaded Program Files\cssweb.dll Infected: not-a-virus:AdWare.Win32.CSSWeb.b skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\WINDOWS\system32\f3PSSavr.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\WINDOWS\system32\gah95on6.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\WINDOWS\win32.bmp Infected: Trojan-Clicker.JS.gen skipped
C:\_OTMoveIt\MovedFiles\04022008_233247\WINDOWS\yaaayv.dll Infected: Trojan.Win32.Agent.agv skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys\6d2d00b38bbb51065358327978f98481_68c8d5b6-89fa-41f8-9a19-b7c29a5433ec Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a3065fa80db2b4863228093014a6e87_68c8d5b6-89fa-41f8-9a19-b7c29a5433ec Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf0b4a78344c016c320bfc2cb395c6a8_68c8d5b6-89fa-41f8-9a19-b7c29a5433ec Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AllInOneTelcom.zip/stmtdlr.exe Suspicious: Password-protected-EXE skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AllInOneTelcom.zip ZIP: suspicious - 1 skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip/optimize.exe Suspicious: Password-protected-EXE skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip ZIP: suspicious - 1 skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer6.zip/optimize.exe Suspicious: Password-protected-EXE skipped
D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer6.zip ZIP: suspicious - 1 skipped
D:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-6b9dccb7-5887ea5e.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
D:\Documents and Settings\Navid\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-6b9dccb7-5887ea5e.zip ZIP: infected - 1 skipped
D:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
D:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
D:\Documents and Settings\Navid\Desktop\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021956.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.agt skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021956.exe/stream Infected: Trojan-Downloader.Win32.Zlob.agt skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021956.exe NSIS: infected - 2 skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021956.exe UPX: infected - 2 skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021956.exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021957.dll Infected: not-a-virus:AdWare.Win32.CSSWeb.b skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021958.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\A0021959.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao skipped
D:\System Volume Information\_restore{AE2ED2C7-F3A2-4D62-9FFF-C864F74E85F2}\RP50\change.log Object is locked skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0002377.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0002406.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0002486.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0003515.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP25\A0004515.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004523.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004554.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004602.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004619.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe/stream Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe NSIS: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004666.exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe/stream Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe NSIS: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004668.exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe/stream Infected: Trojan-Downloader.Win32.Zlob.afq skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe NSIS: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004669.exe PE_Patch.UPX: infected - 2 skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004732.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004744.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004779.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004796.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004808.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0004826.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005848.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005878.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005906.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005928.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP26\A0005966.tlb Infected: Trojan-Downloader.Win32.Zlob.cdu skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007728.exe Infected: Backdoor.Win32.Small.dc skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007729.exe Infected: Trojan-PSW.Win32.Sagic.h skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007730.exe Infected: Virus.Win32.Bube.b skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007731.scr Infected: Trojan-PSW.Win32.Sagic.h skipped
D:\System Volume Information\_restore{B7007D0C-FC0E-4297-A5EC-1F3D18624407}\RP33\A0007732.scr Infected: Trojan-PSW.Win32.Sagic.h skipped
D:\WINDOWS\$NtUninstallKB824141$\sysmain.sdb Object is locked skipped
D:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
D:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\catsrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\colbact.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comadmin.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comrepl.exe Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\comuid.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\es.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\migregdb.exe Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\ole32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\rpcss.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB828741$\txflog.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\browser.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\callcont.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\gdi32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\h323.tsp Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\h323msp.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\mf3216.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\msasn1.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\msgina.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\mst120.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\netapi32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\nmcom.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB835732$\schannel.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\dao360.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\expsrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msexch40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjet40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjint40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjter40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msltus40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msrd2x40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msrd3x40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mstext40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mswdat10.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\mswstr10.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll Object is locked skipped
D:\WINDOWS\$NtUninstallKB837001$\vbajet32.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\dxmasf.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\httpod51.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\sfcfiles.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.inf Object is locked skipped
D:\WINDOWS\$NtUninstallQ309521$\ssinc51.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ314862$\qmgr.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.inf Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\netsetup.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.exe Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.inf Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\ssdpapi.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\ssdpsrv.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ315000$\upnp.dll Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00003 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00005 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00008 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00009 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00010 Object is locked skipped
D:\WINDOWS\$NtUninstallQ323172$\reg00011 Object is locked skipped
D:\WINDOWS\$NtUninstallQ328940$\reg00003 Object is locked skipped
D:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx Object is locked skipped
D:\WINDOWS\$NtUninstallQ828026$\wmp.dll Object is locked skipped

Scan process completed.

Veka

Looks good!

If you think these files aren't important, please remove them

C:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll
C:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll
D:\Documents and Settings\Navid\Desktop\DC++ unfinished files\New Folder (2)\Desktop\hd\backup-20040611-025957-558.dll
D:\Documents and Settings\Navid\Desktop\hd\backup-20040611-025957-558.dll

========================================

Please download ATF Cleaner


Run ATF Cleaner

• Double-click ATF-Cleaner.exe to run the program.
• Under Main choose: Select All
• Click the Empty Selected button.

If you use Firefox browser

• Click Firefox at the top and choose: Select All
• Click the Empty Selected button.
• NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

• Click Opera at the top and choose: Select All
• Click the Empty Selected button.
• NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

========================================

Clean up System Restore

You can find instructions on how to disable and enable System Restore from these guides:

Disable And Enable System Restore
Windows XP System Restore Guide

How is your computer running?

coolio_4000

I didn't understand how to clean up system restore after I disable it?


YES its running so much better!!!!!!!!

WOW I can actually shut down normally now! and its not freezing up!!!

Ryder

coolio_4000 wrote:

I didn't understand how to clean up system restore after I disable it?


YES its running so much better!!!!!!!!

WOW I can actually shut down normally now! and its not freezing up!!!

Disabling system restore will delete all restore points, once its disabled, you can re-enable it and it will start fresh

Veka

Yea, Ryder is right. When you disable and then enable your System Restore, it will be cleaned up.


Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Make Your Internet Explorer More Secure

This can be done by following these simple instructions:

• From within Internet Explorer click on the tools menu and then click on Options
• Click once on the "Security" tab
• Click once on the "Internet" icon so it becomes highlighted
• Click once on the Custom Level button.
  • Change the "Download signed ActiveX" controls to Prompt
  • Change the "Download unsigned ActiveX" controls to Disable
  • Change the "Initialize and script ActiveX controls" not marked as safe to Disable
  • Change the "Launching programs and files in an IFRAME" to Prompt
  • Change the "Navigate sub-frames across different domains" to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
• Next press the Apply button and then the OK to exit the Internet Properties page.

Note that Internet Explorer is not the most secure browser. There are safer (and better) alternatives available like Opera and Firefox.

Keep Your System Up to date

It is imperative that you keep your Windows, Antivirus, and other softwares up to date. Otherwise you are not protected against new threats and your system is vulnerable and unsafe. Update your Antivirus software at least once a week, and visit Microsoft Windows Update site regularly.

Install SpywareBlaster

SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial on installing & using this product can be found here:

Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware

Additional Utilities and Tips to Enhance Your Safety

• MVPS Hosts file --- The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
• Comodo BOCLEAN --- Stop identity thieves from getting personal information. Instantly detects well over 1,000,000 unique, variant and repack malware in total. And it's free.
• Winpatrol --- Download and install the free version of Winpatrol. A tutorial for this product is located here: Using Winpatrol to protect your computer from malicious software

Get more knowledge about how to protecet your computer and prevent malware issues by reading these short articles:

• How to prevent Malware by miekiemoes
• So How Did I Get Infected In First Place by Tony Klein
• Ten Commandments for Your Computer Sanity by BitDefender

Happy surfing and stay clean!

Veka

Glad we could be of assistance! The help you received here was free.

This topic is now closed. If you wish it reopened, please send a Private Message to Trogan with a link to your thread.

If you are not the user who started this thread, you must start your own Thread instead

_______________________________

Have we helped you with any issues you have had with your PCs or other items? If so, you can now help us by Joining Team 93 and fold for a cure.