klluk - 2007-1-29 13:09:00
Kaspersky Online Scanner version: 5.0.83.0
Scan Statistics
Total number of scanned objects 74086
Number of viruses found 4
Number of infected objects 8 / 0
Number of suspicious objects 1
Duration of the scan process 00:40:36
Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox2.idx Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox2.dat Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Temp\~DFDABE.tmp Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12132006-184232.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\report.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\eventlog.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\010a_File_Monitoring_eventlog.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\010e_Web_Monitoring_eventlog.rpt Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\pc user\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Temp\~DFF61.tmp Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\History\History.IE5\MSHist012007012820070129\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\41I9S2WJ\sploit[1].anr Suspicious: Exploit.Win32.IMG-ANI.c skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\O5UBWD6F\ie_vb1[1].htm Infected: Trojan-Downloader.VBS.Small.dh skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\4HWBOVKV\Jacky-ByUrSide[1].torrent Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{4BDF1315-AEC9-4255-B6F8-B4B21772F8AB} Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Identities\{32E7BAE8-908E-43C6-AADF-AA817ECA954C}\Microsoft\Outlook Express\收件匣.dbx Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Identities\{32E7BAE8-908E-43C6-AADF-AA817ECA954C}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Identities\{32E7BAE8-908E-43C6-AADF-AA817ECA954C}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped
C:\Documents and Settings\pc user\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6ceac608-739b09f7.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6ceac608-739b09f7.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6ceac608-739b09f7.zip ZIP: infected - 2 skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class ZIP: infected - 3 skipped
Scan Statistics
Total number of scanned objects 74086
Number of viruses found 4
Number of infected objects 8 / 0
Number of suspicious objects 1
Duration of the scan process 00:40:36
Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox2.idx Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox2.dat Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Temp\~DFDABE.tmp Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12132006-184232.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\report.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\eventlog.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\010a_File_Monitoring_eventlog.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.rpt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\010e_Web_Monitoring_eventlog.rpt Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\pc user\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Temp\~DFF61.tmp Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\History\History.IE5\MSHist012007012820070129\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\41I9S2WJ\sploit[1].anr Suspicious: Exploit.Win32.IMG-ANI.c skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\O5UBWD6F\ie_vb1[1].htm Infected: Trojan-Downloader.VBS.Small.dh skipped
C:\Documents and Settings\pc user\Local Settings\Temporary Internet Files\Content.IE5\4HWBOVKV\Jacky-ByUrSide[1].torrent Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{4BDF1315-AEC9-4255-B6F8-B4B21772F8AB} Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Identities\{32E7BAE8-908E-43C6-AADF-AA817ECA954C}\Microsoft\Outlook Express\收件匣.dbx Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Identities\{32E7BAE8-908E-43C6-AADF-AA817ECA954C}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped
C:\Documents and Settings\pc user\Local Settings\Application Data\Identities\{32E7BAE8-908E-43C6-AADF-AA817ECA954C}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped
C:\Documents and Settings\pc user\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6ceac608-739b09f7.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6ceac608-739b09f7.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6ceac608-739b09f7.zip ZIP: infected - 2 skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\pc user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-7373b82d-25788db8.class ZIP: infected - 3 skipped