

Infected - Shuttle



#1 OFFLINE   Brynard

    Member

  • Members
  • 19 posts
  • Location:Brackenfell, Cape Town, South Africa

Posted 02 July 2006 - 10:23 AM

We've got a small network of 7 PCs and I think all of them are infected. Kaspersky showed numerous viruses and infections. I'm going to post logs under separate topics. Can someone please help!

Logfile of HijackThis v1.99.1
Scan saved at 12:20:49 PM, on 2006/07/02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\BMExtreme\BMExtreme.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Datatex\pabx3\pabx3.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe
C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis\HijackThis.exe

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BMExtreme] C:\Program Files\BMExtreme\BMExtreme.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Teuc] "C:\PROGRA~1\ASKS~1\javaw.exe" -vt mt
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: pabx3.lnk = C:\Program Files\Datatex\pabx3\pabx3.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CAC2668-15A4-4ABA-A973-6E6CC4773258}: NameServer = 192.168.10.200,212.135.1.36
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CAC2668-15A4-4ABA-A973-6E6CC4773258}: NameServer = 192.168.10.200,212.135.1.36
O17 - HKLM\System\CS2\Services\Tcpip\..\{0CAC2668-15A4-4ABA-A973-6E6CC4773258}: NameServer = 192.168.10.200,212.135.1.36
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PRTG Service - Paessler Router Traffic Grapher (PRTGService) - Paessler AG - C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

#2 OFFLINE   AndyManchesta

    Power Member

  • Spyware Moderators
  • 1,821 posts
  • Gender:Male
  • Location:Manchester. UK
  • Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.

Posted 03 July 2006 - 01:07 AM

This log is fine :)

If Ewido or Kaspersky detects a problem on this machine, please post back the logs.

Cheers

#3 OFFLINE   Brynard

    Member

  • Members
  • 19 posts
  • Location:Brackenfell, Cape Town, South Africa

Posted 12 July 2006 - 09:12 PM

Hi Andy,

Herewith the logs:



---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:09:53 PM 2006/07/12

+ Scan result:



Nothing found.



::Report end



-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, July 12, 2006 11:11:27 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 12/07/2006
Kaspersky Anti-Virus database records: 206940
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 94357
Number of viruses found: 2
Number of infected objects: 5 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:10:02

Infected Object Name / Virus Name / Last Action
C:\Temp\Install\Remote Administrator 2.1\RADMIN21.EXE/AdmDll.dll Infected: not-a-virus:RemoteAdmin.Win32.RAdmin.20 skipped
C:\Temp\Install\Remote Administrator 2.1\RADMIN21.EXE/raddrv.dll Infected: not-a-virus:RemoteAdmin.Win32.RAdmin.20 skipped
C:\Temp\Install\Remote Administrator 2.1\RADMIN21.EXE/radmin.exe Infected: not-a-virus:RemoteAdmin.Win32.RAdmin.21 skipped
C:\Temp\Install\Remote Administrator 2.1\RADMIN21.EXE/r_server.exe Infected: not-a-virus:RemoteAdmin.Win32.RAdmin.21 skipped
C:\Temp\Install\Remote Administrator 2.1\RADMIN21.EXE Gentee: infected - 4 skipped

Scan process completed.


Hear from you soon.

Regards,

Leon.


#4 OFFLINE   AndyManchesta

    Power Member

  • Spyware Moderators
  • 1,821 posts
  • Gender:Male
  • Location:Manchester. UK
  • Interests:Music, Movies, Website Building & Design, Malware Testing/Research and spending time with friends & family.

Posted 13 July 2006 - 12:40 PM

Hi Leon

This log looks OK. It's showing the Remote Administrator Tool, but I'm assuming you installed that as it's present in the logs from each machine. The locked items are fine, but you can clear Norton's protected recycle bin.

Apart from that it looks fine :)

Andy