------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 20, 2008 3:05:58 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 20/03/2008 Kaspersky Anti-Virus database records: 646789 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ Scan Statistics: Total number of scanned objects: 39161 Number of viruses found: 23 Number of infected objects: 99 Number of suspicious objects: 0 Duration of the scan process: 00:33:41 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\Cortney\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\cert8.db Object is locked skipped C:\Documents and Settings\Cortney\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\history.dat Object is locked skipped C:\Documents and Settings\Cortney\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\key3.db Object is locked skipped C:\Documents and Settings\Cortney\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\parent.lock Object is locked skipped C:\Documents and Settings\Cortney\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Cortney\Desktop\OTScanIt\MovedFiles\03202008_134456\WINDOWS\mrofinu1000106.exe Infected: Trojan-Downloader.Win32.Agent.kvv skipped C:\Documents and Settings\Cortney\Desktop\OTScanIt\MovedFiles\03202008_134456\WINDOWS\mrofinu572.exe Infected: Trojan-Downloader.Win32.Agent.lbx skipped C:\Documents and Settings\Cortney\Desktop\OTScanIt\MovedFiles\03202008_134456\WINDOWS\System32\lejbyagv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\Documents and Settings\Cortney\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Application Data\Mozilla\Firefox\Profiles\uw8zz1te.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temp\Perflib_Perfdata_550.dat Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temp\xx342 Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temp\xx343 Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temp\xx344 Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temp\xx345 Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temp\xx346 Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temporary Internet Files\Content.IE5\ATC9G78D\a[1] Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temporary Internet Files\Content.IE5\ATC9G78D\a[2] Object is locked skipped C:\Documents and Settings\Cortney\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Cortney\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Cortney\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\pj.exe Infected: Trojan.Win32.Small.ev skipped C:\Program Files\Common Files\Yazzle1281OinAdmin.exe Infected: Trojan.Win32.Scapur.k skipped C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe/data0001 Infected: not-a-virus:AdWare.Win32.PurityScan.gp skipped C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe NSIS: infected - 1 skipped C:\QooBox\Quarantine\C\Documents and Settings\Cortney\Application Data\SEMBLY~1\ѕрoolsv.exe.vir Infected: not-a-virus:AdWare.Win32.PurityScan.gw skipped C:\QooBox\Quarantine\C\Program Files\Common Files\SKS~1\chkdsk.exe.vir Infected: Trojan-Downloader.Win32.PurityScan.fj skipped C:\QooBox\Quarantine\C\Program Files\fehy89104.dll.vir Infected: not-a-virus:AdWare.Win32.TTC.d skipped C:\QooBox\Quarantine\C\Program Files\Outerinfo\FF\components\FF.dll.vir Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped C:\QooBox\Quarantine\C\WINDOWS\system32\a1\tliamdll2.exe.vir Infected: Trojan-Downloader.Win32.Small.buy skipped C:\QooBox\Quarantine\C\WINDOWS\system32\aflcxvbq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ashgmtmw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\axatjjhn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\bgpqhrnc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\bhyqsara.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\bifetaej.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\bjwik.dll.vir Infected: not-a-virus:AdWare.Win32.PurityScan.gv skipped C:\QooBox\Quarantine\C\WINDOWS\system32\bqnuljlj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\cfpdfokx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\cjhrlxjt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\dlvquuqi.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\fbktktuc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\fcccyvu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\fibdymww.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\fiyhuwpo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\fomgpneg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\fuwjktpa.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ggjehuhr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\gtssfxgj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\gwwjsrji.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\hcjgfyda.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\hgaflsxk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\iDlo01\iDlo011065.exe.vir Infected: Trojan-Downloader.Win32.VB.caw skipped C:\QooBox\Quarantine\C\WINDOWS\system32\jkkkkli.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\jovjaorn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\jwbaknuk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\kegjpurm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\koeqjkbp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\kpkqckss.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\kqsusvak.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ixf skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ldmktydf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ljjkhgd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\lknbbodh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\mclrmshp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\nkpiixwv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\nksdfhex.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\nlhalllr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\nvwjmxiw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\okilponr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\oubcphhq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\owsksqtm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\oxgvdbic.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\p9\liopud89104.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.TTC.d skipped C:\QooBox\Quarantine\C\WINDOWS\system32\p9\liopud89104.exe.vir NSIS: infected - 1 skipped C:\QooBox\Quarantine\C\WINDOWS\system32\qaltupwr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\qpcyygdn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\quetpppp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\rbbhuxdc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\sekyrpqt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\sgdbynum.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\skaycfty.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\skqdmvrs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\svxxckbr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\tfrerwqo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\tivwfvkv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\tqhbdaht.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ttyawwvn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\twmroiql.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\urnapyov.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\vdgmvckj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\vujsribl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\vyeqtcyr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\wctieesm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\wmjawdvr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\wshbmtuh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\xerkbrwe.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\xmvhcjbp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ynkehxbn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\yundcmou.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\C\WINDOWS\system32\ywpnmdcp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\catchme2008-03-20_105642.48.zip/fccyaww.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\catchme2008-03-20_105642.48.zip/jkkjh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped C:\QooBox\Quarantine\catchme2008-03-20_105642.48.zip ZIP: infected - 2 skipped C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP1\change.log Object is locked skipped C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Downloaded Program Files\CONFLICT.1\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Busky.gen skipped C:\WINDOWS\Downloaded Program Files\CONFLICT.2\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Small.cxg skipped C:\WINDOWS\Downloaded Program Files\CONFLICT.3\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Small.czm skipped C:\WINDOWS\Downloaded Program Files\CONFLICT.4\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Small.czm skipped C:\WINDOWS\Downloaded Program Files\CONFLICT.5\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Small.czm skipped C:\WINDOWS\Downloaded Program Files\CONFLICT.6\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Small.czm skipped C:\WINDOWS\Downloaded Program Files\CONFLICT.7\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Small.czw skipped C:\WINDOWS\Downloaded Program Files\gdnUS2335.exe Infected: Trojan-Downloader.Win32.Busky.gen skipped C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M0611NetInstaller.exe Infected: not-a-virus:Downloader.Win32.WinFixer.au skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\4e3807ee.exe Infected: Trojan-Downloader.Win32.Busky.gen skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\etmt2.exe Infected: Trojan.Win32.Runner.j skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\nsg1E2.dll Infected: not-a-virus:AdWare.Win32.EZula.cc skipped C:\WINDOWS\system32\nwinorai.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.p skipped C:\WINDOWS\system32\qndsregj.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped Scan process completed.