I can get on my task manager now by pressing ctrl, alt, delete as I couldn't when I first posted this problem. My computer seems to be running okay other than when I restart it. After it starts back up and everything is up (Display picture & shortcuts) I get a message that says The computer must be restarted before updating can continue. Do you want to restart now? I have received this message everytime after restarting since I got this virus. That seems to be the only visual problem I am having right now.
I ran hijackthis and kaspersky, here are the logs.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:49:25 PM, on 4/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Search - ?p=ZJxdm128MHUS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kruzel Kids\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zon...kr.cab31267.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab31267.cabO16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
http://www.symantec....rl/LSSupCtl.cabO16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoft...s/as2stubie.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://photos.walmar...martActivia.cabO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zon...1/GAME_UNO1.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab31267.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zon...ro.cab47946.cabO16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) -
http://a.download.to...31.5/ttinst.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab56907.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 9929 bytes
KASPERSKY ONLINE SCANNER REPORT
Wednesday, April 09, 2008 6:45:58 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 9/04/2008
Kaspersky Anti-Virus database records: 692913
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 76329
Number of viruses found 19
Number of infected objects 76
Number of suspicious objects 0
Duration of the scan process 00:55:24
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\iolo\FileInfoList\IOLOFIL.FDB Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_24adf822-76f7-4481-b30b-ff1b40f8687f Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\ccSubSDK\submissions.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.DAT Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\volatile.DAT Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-04-09_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\Shl_{2D1176B5-BA86-4202-8F82-36475F958F1A}.ldb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\Shl_{2D1176B5-BA86-4202-8F82-36475F958F1A}.sds Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\23B02E02.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\AF930CD2.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\Kruzel Kids\.housecall6.6\Quarantine\39.qit.bac_a01452 Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\Kruzel Kids\.housecall6.6\Quarantine\40.qit.bac_a01452 Infected: not-a-virus:AdWare.Win32.WebHancer.390 skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\10.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\11.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\12.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\13.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\137.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\139.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\14.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\15.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\16.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\17.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\18.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\19.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\20.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\23.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\26.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\27.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\29.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\32.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\33.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\34.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\36.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\37.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\38.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\39.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\40.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\41.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\42.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\44.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\45.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\47.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\48.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\49.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\7.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.at skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\22-11-2007-07-55-15\9.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\30-03-2008-15-30-52\37.qit Infected: not-virus:Hoax.HTML.Secureinvites.b skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\125.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\13.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\14.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\16.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.at skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\18.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\19.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\20.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\21.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\22.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\23.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\24.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\25.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\26.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\27.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\28.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\29.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\32.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\35.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\36.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\38.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\41.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\42.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\43.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\45.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\46.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\47.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\48.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\49.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-06-48-37\50.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\Documents and Settings\Kruzel Kids\Application Data\AdwareAlert\Quarantine\31-12-2007-07-44-34\0.qit Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Documents and Settings\Kruzel Kids\Application Data\iolo\SystemAnalyzer.log Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs\SUPERANTISPYWARE-4-9-2008( 17-16-27 ).LOG Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Application Data\Symantec\NPMDataStore\CIMStore.xml Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\History\History.IE5\MSHist012008040920080410\index.dat Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Temp\fb_2476.lck Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Temp\~DFA0D0.tmp Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Temp\~DFA0ED.tmp Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Kruzel Kids\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Kruzel Kids\My Documents\Incomplete\Preview-T-3545425-chasing cinderella.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Documents and Settings\Kruzel Kids\My Documents\My Music\beer song werid al.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Documents and Settings\Kruzel Kids\My Documents\My Music\chasing cinderella.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Documents and Settings\Kruzel Kids\My Documents\My Music\mamas alright daddys alright.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Documents and Settings\Kruzel Kids\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Kruzel Kids\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
C:\Program Files\MSN Messenger\msimg32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\SpyMaxx\uninstall.exe Infected: not-a-virus:FraudTool.Win32.SpyAway.g skipped
C:\QooBox\Quarantine\C\WINDOWS\default.htm.vir Infected: not-virus:Hoax.HTML.Secureinvites.b skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP886\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{555808B9-3B81-4B23-8DA9-B621CCCEA605}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{8EEC9CE7-AAA8-4E6C-96E7-823038937A4A}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\fb_520.lck Object is locked skipped
C:\WINDOWS\Temp\JETBD16.tmp Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.