REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments]
"ScanWithAntiVirus"=dword:00000002
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum]
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"=dword:00000001
"{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF}"=dword:40000021
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"=dword:00000020
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,\
33,32,5c,69,70,6e,61,74,68,6c,70,2e,64,6c,6c,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Disabled:AOL Instant Messenger"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Documents and Settings\\Lindsay\\My Documents\\My Music\\iTunes.exe"="C:\\Documents and Settings\\Lindsay\\My Documents\\My Music\\iTunes.exe:*:Disabled:iTunes"
"C:\\Program Files\\Yahoo! Games\\Bejeweled 2 Deluxe\\WinBej2.exe"="C:\\Program Files\\Yahoo! Games\\Bejeweled 2 Deluxe\\WinBej2.exe:*:Enabled:Bejeweled2"
"C:\\Program Files\\GameHouse\\CollapseCrunch\\Collapse3.exe"="C:\\Program Files\\GameHouse\\CollapseCrunch\\Collapse3.exe:*:Enabled:Collapse! Crunch"
"C:\\Program Files\\Yahoo! Games\\Zuma Deluxe\\Zuma.exe"="C:\\Program Files\\Yahoo! Games\\Zuma Deluxe\\Zuma.exe:*:Enabled:Zuma"
"C:\\Program Files\\Soulseek\\slsk.exe"="C:\\Program Files\\Soulseek\\slsk.exe:*:Disabled:SoulSeek Client"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Disabled:Windows® NetMeeting®"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"="C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe:*:Enabled:Dreamweaver 8"
"C:\\WINDOWS\\system32\\mshta.exe"="C:\\WINDOWS\\system32\\mshta.exe:*:Enabled:Microsoft ® HTML Application host"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\OLE]
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"DefaultLaunchPermission"=hex:01,00,04,80,64,00,00,00,80,00,00,00,00,00,00,00,\
14,00,00,00,02,00,50,00,03,00,00,00,00,00,18,00,01,00,00,00,01,01,00,00,00,\
00,00,05,12,00,00,00,00,00,00,00,00,00,18,00,01,00,00,00,01,01,00,00,00,00,\
00,05,04,00,00,00,00,00,00,00,00,00,18,00,01,00,00,00,01,02,00,00,00,00,00,\
05,20,00,00,00,20,02,00,00,01,05,00,00,00,00,00,05,15,00,00,00,a0,5f,84,1f,\
5e,2e,6b,49,ce,12,03,03,f4,01,00,00,01,05,00,00,00,00,00,05,15,00,00,00,a0,\
5f,84,1f,5e,2e,6b,49,ce,12,03,03,f4,01,00,00
"EnableDCOM"="Y"
"MachineLaunchRestriction"=hex:01,00,04,80,48,00,00,00,58,00,00,00,00,00,00,00,\
14,00,00,00,02,00,34,00,02,00,00,00,00,00,18,00,1f,00,00,00,01,02,00,00,00,\
00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,0b,00,00,00,01,01,00,00,00,00,\
00,01,00,00,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,\
00,00,00,00,05,20,00,00,00,20,02,00,00
"MachineAccessRestriction"=hex:01,00,04,80,44,00,00,00,54,00,00,00,00,00,00,00,\
14,00,00,00,02,00,30,00,02,00,00,00,00,00,14,00,03,00,00,00,01,01,00,00,00,\
00,00,05,07,00,00,00,00,00,14,00,07,00,00,00,01,01,00,00,00,00,00,01,00,00,\
00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,\
05,20,00,00,00,20,02,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList]
"{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1"
"{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1"
"{0040D221-54A1-11D1-9DE0-006097042D69}"="1"
"{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST]
"System.EnterpriseServices.Thunk.dll"=""
REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
"Bounds"=hex:00,30,00,00,00,20,00,00
"Security Packages"=hex(7):6b,65,72,62,65,72,6f,73,00,6d,73,76,31,5f,30,00,73,\
63,68,61,6e,6e,65,6c,00,77,64,69,67,65,73,74,00,00
"LsaPid"=dword:00000230
"SecureBoot"=dword:00000001
"auditbaseobjects"=dword:00000000
"crashonauditfail"=dword:00000000
"disabledomaincreds"=dword:00000000
"everyoneincludesanonymous"=dword:00000000
"fipsalgorithmpolicy"=dword:00000000
"forceguest"=dword:00000001
"fullprivilegeauditing"=hex:00
"limitblankpassworduse"=dword:00000001
"lmcompatibilitylevel"=dword:00000000
"nodefaultadminowner"=dword:00000001
"nolmhash"=dword:00000000
"restrictanonymous"=dword:00000000
"restrictanonymoussam"=dword:00000001
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00
"ImpersonatePrivilegeUpgradeToolHasRun"=dword:00000001
"enabledcom"="y"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\AccessProviders]
"ProviderOrder"=hex(7):57,69,6e,64,6f,77,73,20,4e,54,20,41,63,63,65,73,73,20,\
50,72,6f,76,69,64,65,72,00,00
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,6e,74,6d,61,72,74,61,2e,64,6c,6c,00
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Audit]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Data]
"Pattern"=hex:af,96,00,86,9f,54,b5,bc,fc,e4,72,28,1e,69,45,9b,30,64,32,34,32,\
64,33,61,00,68,07,00,01,00,00,00,dc,00,00,00,e0,00,00,00,48,fa,06,00,97,55,\
5a,74,04,00,00,00,a0,fd,06,00,b8,fd,06,00,10,00,aa,9d
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\GBG]
"GrafBlumGroup"=hex:ca,cd,00,f7,cc,12,6e,47,fe
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\JD]
"Lookup"=hex:2c,bb,ff,5e,24,21
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Domains]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\SidCache]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0]
"Auth132"="IISSUBA"
"ntlmminclientsec"=dword:00000000
"ntlmminserversec"=dword:00000000
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Skew1]
"SkewMatrix"=hex:20,ea,25,ee,0a,cf,20,c7,1f,db,83,85,94,0a,d5,db
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SSO]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SSO\Passport1.4]
"SSOURL"="
http://www.passport.com"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache]
"Time"=hex:70,05,17,97,e4,06,c5,01
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache\digest.dll]
"Name"="Digest"
"Comment"="Digest SSPI Authentication Package"
"Capabilities"=dword:00004050
"RpcId"=dword:0000ffff
"Version"=dword:00000001
"TokenSize"=dword:0000ffff
"Time"=hex:00,d9,4a,94,f8,79,c4,01
"Type"=dword:00000031
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll]
"Name"="DPA"
"Comment"="DPA Security Package"
"Capabilities"=dword:00000037
"RpcId"=dword:00000011
"Version"=dword:00000001
"TokenSize"=dword:00000300
"Time"=hex:00,d9,4a,94,f8,79,c4,01
"Type"=dword:00000031
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll]
"Name"="MSN"
"Comment"="MSN Security Package"
"Capabilities"=dword:00000037
"RpcId"=dword:00000012
"Version"=dword:00000001
"TokenSize"=dword:00000300
"Time"=hex:80,6f,e3,94,f8,79,c4,01
"Type"=dword:00000031
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center]
"FirstRun"=dword:00000001
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
-----------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, September 24, 2006 8:53:21 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 25/09/2006
Kaspersky Anti-Virus database records: 226126
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
H:\
Scan Statistics:
Total number of scanned objects: 95482
Number of viruses found: 22
Number of infected objects: 69 / 0
Number of suspicious objects: 3
Duration of the scan process: 02:21:23
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\WDLog-09102006-202931.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC6.zip/MTE3MTk6ODoxNg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC6.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-09-24_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\James\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\James\Local Settings\Application Data\Identities\{F421A2CE-76E9-4007-848F-7E11772FB0DE}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped
C:\Documents and Settings\James\Local Settings\Application Data\Identities\{F421A2CE-76E9-4007-848F-7E11772FB0DE}\Microsoft\Outlook Express\Inbox.dbx Object is locked skipped
C:\Documents and Settings\James\Local Settings\Application Data\Identities\{F421A2CE-76E9-4007-848F-7E11772FB0DE}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped
C:\Documents and Settings\James\Local Settings\Application Data\Identities\{F421A2CE-76E9-4007-848F-7E11772FB0DE}\Microsoft\Outlook Express\Pop3uidl.dbx Object is locked skipped
C:\Documents and Settings\James\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\James\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\James\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{16C16434-9FE1-45EB-A41B-EA2AA9CA2A89} Object is locked skipped
C:\Documents and Settings\James\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\James\Local Settings\History\History.IE5\MSHist012006092420060925\index.dat Object is locked skipped
C:\Documents and Settings\James\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\James\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\James\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Downloads\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\041865D1.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\044345A2.class Infected: Trojan.Java.ClassLoader.f skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\04466F9F.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\044D4398.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\09423DED.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\09FC1720.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0A3D5ED8.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0EEC4AC6.0IP Infected: Trojan-Downloader.Win32.Small.bvv skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0EEC4AC6.0XE Infected: Trojan-Downloader.Win32.Small.cbp skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\107A07E6.0IP Infected: Trojan-Downloader.Win32.Small.bvv skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\107A07E6.0XE Infected: Trojan-Downloader.Win32.Small.cbp skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\13D35C82.0TM Infected: Trojan.JS.Seeker skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\148134D4.0 Infected: Trojan-Downloader.Win32.Small.cbp skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\16A4191C.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\16A84319.htm Suspicious: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\16BE6900.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\16C53CF8.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\16C866F5.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18716D9C.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1ED07728.0 Infected: Trojan-Downloader.Win32.Small.bvv skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1FF40164.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\20045352.0TM Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\20045352.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\200B274B.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\200E5147.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\205B2E2A.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\23E27284.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2CF43643.0XE Infected: Trojan.Win32.Dialer.qs skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2EC72A41.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dt skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2FDA6569.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3306763A.0 Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39F52383.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3A56179F.0 Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3CFB04EF.wmv Infected: Trojan-Downloader.WMA.Wimad.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3F0869C1.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4125065A.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\41676188.0XE Infected: Trojan-Downloader.Win32.VB.afa skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\47C6531B.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4A915152.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\51031CD3.0XE Infected: Trojan-Downloader.Win32.Small.cbp skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\510746D0.0IP Infected: Trojan-Downloader.Win32.Small.bvv skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\55425137.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\58137FB0.0 Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5A523CA6.wmv Infected: Trojan-Downloader.WMA.Wimad.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5BA3504D.0XE Infected: Trojan.Win32.Crypt.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5BDD440D.0XE Infected: Trojan.Win32.Crypt.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5F8852BB.0TM Infected: Trojan.JS.Seeker skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\60A70D31.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\64AC30B9.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66711B60.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\695223C3.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6ABE5169.0LL Infected: Trojan.Win32.BHO.g skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6BA8281E.0LL Infected: Trojan.Win32.BHO.g skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\72414455.0XE Infected: Trojan.Win32.Pakes skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\740E0D90.0TM Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\76D629A1.0TM Infected: Trojan.JS.Seeker skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\77FC2B77.tmp Infected: Trojan.Win32.Pakes skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\78A65FDC.0 Infected: Email-Worm.Win32.Warezov.q skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\78AD33D5.0 Infected: Email-Worm.Win32.Warezov.q skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\79506722.0 Infected: Email-Worm.Win32.Warezov.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7954111E.0 Infected: Email-Worm.Win32.Warezov.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\795A6517.0 Infected: Email-Worm.Win32.Warezov.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A9C3123.0XE Infected: Trojan.Win32.Pakes skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7AD934DD.0XE Infected: Trojan.Win32.Crypt.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7B14289C.0XE Infected: Trojan.Win32.Crypt.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7B484863.0XE Infected: Trojan.Win32.Crypt.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7BD12BCC.0XE Infected: Trojan.Win32.Crypt.e skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7D0D6503.0IP Infected: Trojan-Downloader.Win32.Small.bvv skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7D0D6503.0XE Infected: Trojan-Downloader.Win32.Small.cbp skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{1D7D31A5-7612-4E1A-9826-072F3773FC59}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.