Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

win32/kryptik.ZS trojan help!


  • Please log in to reply
2 replies to this topic

#1 pain

pain

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:19 AM

Posted 19 September 2009 - 07:15 PM

I started up the computer and then an alert from eset smart security said it had a threat found which is a variant of Win32/Kryptik.ZS trojan.
i also have this safety center thing that constantly pops up and is almst taking over the computer. i just downloaded malwarebytes off the website

i know my brother was downloading stuff so im thinking this is how it got here and now i cant get rid of it. if anyone could hep or point me n the right direction thanks!

here is the eset scan log

Scan LogScan Log
Version of virus signature database: 4419 (20090912)
Date: 9/19/2009 Time: 1:53:34 PM
Scanned disks, folders and files: Operating memory;C:\Boot sector;C:\;D:\Boot sector;D:\;E:\Boot sector;E:\;F:\Boot sector;F:\;G:\Boot sector;G:\;H:\Boot sector;H:\;I:\Boot sector;I:\;J:\Boot sector;J:\
Operating memory - Win32/Olmarik trojan - unable to clean
C:\hiberfil.sys - error opening [4]
C:\pagefile.sys - error opening [4]
C:\Program Files\AIM\aim95.exe NSIS - bad archive
C:\Program Files\AIM\Sysfiles\AOLToolbar.exe NSIS - bad archive
C:\Program Files\AIM\Sysfiles\viewpoint.exe NSIS - unpack error
C:\Program Files\AIM6\uninst.exe NSIS - bad archive
C:\Program Files\AIM6\uninstall.exe NSIS - bad archive
C:\Program Files\Common Files\AOL\AOLDiag\tbunins.exe NSIS - bad archive
C:\Program Files\Common Files\AOL\Loader\alunins.exe NSIS - bad archive
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip ZIP lib/deploy/ffjcext.zip ZIP {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}/chrome.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip ZIP lib/resources.jar ZIP com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip ZIP lib/resources.jar ZIP com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip ZIP lib/resources.jar ZIP javax/xml/bind/Messages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.A1FFBB52_4F2E_44F1_8614_5D66C2EF43F0 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.03A77D79_488A_445D_B528_0E0089E3FCB3 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.D495C848_F235_46BF_A9A0_77D7C2120E3B MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.445237FC_7259_4EAD_ACEF_7ED7A95D32D7 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.79A89863_540B_470E_9C71_D57F22BFA44D MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.5ACB9F6A_C06C_4121_B854_7133C2ED29A8 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.15989D71_6BEB_424A_88DF_78A882081F91 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.1C571119_9D2B_4542_84BD_0CD3AA24E739 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.C4EB4D09_95BA_4DC2_9551_B6E637DA2230 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.C39C5B26_ED03_4B04_9CFD_166FDC7523D1 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.C05C46CB_E961_4BBA_86BE_4FE1A4426A32 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.87E45AFF_C0E7_4B6E_8E37_52EEB71BF5B7 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.E34CAC5A_4546_4E3A_BFFA_CE28E0CED140 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.14AFC4D4_5454_4AD5_B7FC_10D4FAB85CF3 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.B4924446_617C_4229_8C33_089CD780544D MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.F02247A4_BA3B_4A1D_B7EA_2CB2F17490B7 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.0F75E4D6_4C58_47F6_B626_BA408BA6F03B MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.B3E4ACDE_961E_474B_87CC_22A67A5E77CB MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.D8256176_51D5_41D4_B965_C7B0BC9E4A27 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht.D073AD43_9C5B_4759_A404_ED1717BEEAD7 MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\LS_HSI.msi MSI Data1.cab CAB Getting_Started.mht MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\Content\Getting Started.mht MIME - is OK (internal scanning not performed)
C:\Program Files\InstallShield Installation Information\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\Setup.ilg - error opening [4]
C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.ilg - error opening [4]
C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.ilg - error opening [4]
C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.ilg - error opening [4]
C:\Program Files\Internet Download Manager\idmmzcc.xpi ZIP chrome.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_03\lib\resources.jar ZIP com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_03\lib\resources.jar ZIP com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_03\lib\resources.jar ZIP javax/xml/bind/Messages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_03\lib\deploy\ffjcext.zip ZIP {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}/chrome.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_05\lib\resources.jar ZIP com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_05\lib\resources.jar ZIP com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_05\lib\resources.jar ZIP javax/xml/bind/Messages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre1.6.0_05\lib\deploy\ffjcext.zip ZIP {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}/chrome.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar ZIP com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar ZIP com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar ZIP javax/xml/bind/Messages.properties MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\deploy\ffjcext.zip ZIP {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}/chrome.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\deploy\jqs\ff\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Customer Support.fdt MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hardware Tracker.fdt MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition - Customized.fdt MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Hiring Requisition.fdt MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\POLICIES.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Process Library.fdt MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Status Report.fdt MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\Track Issues.fdt MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\comm.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\pippki.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\toolkit.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB PROCESS_LIBRARY.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB HIRING_REQUISITION_CUSTOMIZED.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB HARDWARE_TRACKER.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB HIRING_REQUISITION.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB CUSTOMER_SUPPORT.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB TRACK_ISSUES.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB STATUS_REPORT.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Ms Office\Enterprise.WW\EnterWW.cab CAB POLICIES.FDT MIME - is OK (internal scanning not performed)
C:\Program Files\Nero 9\Nero Burning ROM\CDI\CDI_VCD.CFG MIME - is OK (internal scanning not performed)
C:\Program Files\Uniblue\DriverScanner\UniblueCommon.dll - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2428f8188f0e61cc2c4d89d14c133178_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\39992a3a4f03be5632b7e041b8b7d51a_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\420b33837b8690e183d2fefb2060c68a_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4a2bfd930f2ce1a5c296ab91dc84f703_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\87d0c9725ce997a2c845ce31be920617_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8d14297a8dda68dd29009774e09666f8_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9ee79e26700861c0abb8d4683603b1b8_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a9190eca2b65a036cdb537f02e5a8ea9_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bbad9196127a055c85a2be5b9577dbec_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d98efc0940768a57ce00d334c2370049_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\dc11d1c5f0043167ac7759b16b977ae0_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e7f2065b2e7bec4452ff914aa804d236_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e9418c1bafdd815dc3781d859210d35a_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fbef6a73ce15938810ad5fbf6bbbf603_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fc1e3851f429ea606d6ff1e01a5229f1_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\lock.dat - error opening [4]
C:\ProgramData\Microsoft\Search Enhancement Pack\SeaPort\SeaNote.cab - error opening [4]
C:\ProgramData\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.cab - error opening [4]
C:\ProgramData\Microsoft\Search Enhancement Pack\SeaPort\SearchBoxExt.cab - error opening [4]
C:\ProgramData\Microsoft\Search Enhancement Pack\SeaPort\SHelper.cab - error opening [4]
C:\ProgramData\Microsoft\User Account Pictures\Abby.dat - error opening [4]
C:\ProgramData\Microsoft\User Account Pictures\PUERTORICAN MAMii.dat - error opening [4]
C:\ProgramData\Microsoft\User Account Pictures\ReEzOn.dat - error opening [4]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\store.lock - error opening [4]
C:\Users\Adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DIO1HKFX\Firefox%20Setup%203.5[2].exe 7ZIP nonlocalized/chrome/comm.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DIO1HKFX\Firefox%20Setup%203.5[2].exe 7ZIP nonlocalized/chrome/pippki.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DIO1HKFX\Firefox%20Setup%203.5[2].exe 7ZIP nonlocalized/chrome/toolkit.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\48352486-00000001.eml MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_app_16\VI90B.cab CAB VI_CDI_VCD.CFG MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_app_4\BR90B.cab CAB BR_CDIVCD_cfg MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_app_6\NE90B.cab CAB NE_CDIVCD_cfg MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht1 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht2 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht11 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht21 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht5 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht6 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht7 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht8 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht9 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht01 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht12 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht13 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht14 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht15 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht16 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht17 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht18 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht19 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht20 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht3 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht22 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht23 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht10 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Local\Temp\NERO1003207\unit_tpi_lightscribe-1.14.17.1\LS_HSI.msi MSI Data1.cab CAB getting_started.mht4 MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Roaming\IDM\DwnlData\Adrian\OFFICE_311\OFFICE.rar RAR OFFICE\EXCEL.EXE - incorrect CRC checksum, the file may be damaged
C:\Users\Adrian\AppData\Roaming\IDM\idmmzcc3\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\n1080jnu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\n1080jnu.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\AppData\Roaming\Uniblue\SpyEraser\Quarantine\Adware.Mostofate.j_17_09_2009_13_54_04.asq18467 - error opening [4]
C:\Users\Adrian\Desktop\Applications\idman5.17.4.full\idman5.17.4.full\crack\read me.txt MIME - is OK (internal scanning not performed)
C:\Users\Adrian\Desktop\MOVIES\Hannah Montana The film.rar RAR Hannah Montana The film.avi - Incorrect file checksum (CRC); the file is probably password protected.
C:\Users\Adrian\Desktop\music'\AZ-I_Am_Lege.rar.part RAR AZ-I_Am_Legend_G.O.D_(Gold_Oil_And_Diamonds)-2009-VAG\01-az-hustle_in_my_blood_(produced_by_the_batkave).mp3 - archive damaged
C:\Users\Adrian\Desktop\music'\prodigyMY.part1.rar RAR Prodigy-Ultimate_P-2CD-2009-H3X\208-prodigy-that_go_ft._keak_da_sneak.mp3 - next archive volume not found
C:\Users\Adrian\Documents\Downloads\Compressed\Microsoft Office Enterprise 2007.rar RAR Microsoft Office 2007.exe RAR Office 2007\APPLICATION\Microsoft Office\CLIPART\PUB60COR\J0099193.GIF - incorrect CRC checksum, the file may be damaged
C:\Users\Adrian\Documents\Downloads\Compressed\Nero9.0.9.4Saddiq123.rar RAR Nero_9.0.9.4_Lite\Crack\get_9.exe - Incorrect file checksum (CRC); the file is probably password protected.
C:\Users\Adrian\Documents\Downloads\Compressed\Nero9.0.9.4Saddiq123.rar RAR Nero_9.0.9.4_Lite\Nero-9.0.9.4_English_Lite.exe - Incorrect file checksum (CRC); the file is probably password protected.
C:\Users\Adrian\Downloads\B-Real-Smoke_N_Mirrors-2009.rar.part RAR 02-b-real-gangsta_music_feat._bo_roc.mp3 - archive damaged
C:\Users\Adrian\Downloads\Firefox Setup 3.5.exe 7ZIP nonlocalized/chrome/comm.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\Downloads\Firefox Setup 3.5.exe 7ZIP nonlocalized/chrome/pippki.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\Downloads\Firefox Setup 3.5.exe 7ZIP nonlocalized/chrome/toolkit.manifest MIME - is OK (internal scanning not performed)
C:\Users\Adrian\Downloads\Immortal Technique - The 3rd World.rar RAR Immortal Technique - stronghold grip (feat._poison_pen_and_swave_sevah).mp3 - archive damaged
C:\Users\Adrian\Downloads\Mw.rar RAR MonopolyWorld\MonopolyWorld.jad - Incorrect file checksum (CRC); the file is probably password protected.
C:\Users\Adrian\Downloads\Mw.rar RAR MonopolyWorld\MonopolyWorld.jar - Incorrect file checksum (CRC); the file is probably password protected.
C:\Users\Adrian\Downloads\Videora_Install.exe NSIS BitComet.exe NSIS search_en_us.mht MIME - is OK (internal scanning not performed)
C:\Users\Adrian\Downloads\Videora_Install.exe NSIS BitComet.exe NSIS search_zh_cn.mht MIME - is OK (internal scanning not performed)
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\2428f8188f0e61cc2c4d89d14c133178_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\39992a3a4f03be5632b7e041b8b7d51a_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\420b33837b8690e183d2fefb2060c68a_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\4a2bfd930f2ce1a5c296ab91dc84f703_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\87d0c9725ce997a2c845ce31be920617_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\8d14297a8dda68dd29009774e09666f8_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\9ee79e26700861c0abb8d4683603b1b8_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\a9190eca2b65a036cdb537f02e5a8ea9_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\bbad9196127a055c85a2be5b9577dbec_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\d98efc0940768a57ce00d334c2370049_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\dc11d1c5f0043167ac7759b16b977ae0_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\e7f2065b2e7bec4452ff914aa804d236_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\e9418c1bafdd815dc3781d859210d35a_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\fbef6a73ce15938810ad5fbf6bbbf603_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\fc1e3851f429ea606d6ff1e01a5229f1_eacbf506-188e-4f08-9fca-532a4e3df3e7 - error opening [4]
C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\lock.dat - error opening [4]
C:\Users\All Users\Microsoft\Search Enhancement Pack\SeaPort\SeaNote.cab - error opening [4]
C:\Users\All Users\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.cab - error opening [4]
C:\Users\All Users\Microsoft\Search Enhancement Pack\SeaPort\SearchBoxExt.cab - error opening [4]
C:\Users\All Users\Microsoft\Search Enhancement Pack\SeaPort\SHelper.cab - error opening [4]
C:\Users\All Users\Microsoft\User Account Pictures\Abby.dat - error opening [4]
C:\Users\All Users\Microsoft\User Account Pictures\PUERTORICAN MAMii.dat - error opening [4]
C:\Users\All Users\Microsoft\User Account Pictures\ReEzOn.dat - error opening [4]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\store.lock - error opening [4]
C:\Users\ReEzOn\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\76ED4847-00000001.eml MIME - is OK (internal scanning not performed)
C:\Users\ReEzOn\AppData\Local\Temp\wmplog00.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog01.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog02.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog03.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog04.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog05.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog06.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog07.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog08.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\wmplog09.sqm - error opening [4]
C:\Users\ReEzOn\AppData\Local\Temp\hsperfdata_ReEzOn\3448 - error opening [4]
C:\Users\ReEzOn\AppData\Roaming\Microsoft\Windows\Cookies\Low\reezon@gameinformer[2].txt MIME - is OK (internal scanning not performed)
C:\Users\ReEzOn\AppData\Roaming\Microsoft\Windows\Cookies\Low\reezon@www.yobt[1].txt MIME - is OK (internal scanning not performed)
C:\Windows\MEMORY.DMP - error opening [4]
C:\Windows\Downloaded Program Files\unagiuninst.exe NSIS - bad archive
C:\Windows\Installer\1eb69e97.msi MSI ISSetupFile.SetupFile11 MIME - is OK (internal scanning not performed)
C:\Windows\Installer\1eb69e97.msi MSI ISSetupFile.SetupFile13 MIME - is OK (internal scanning not performed)
C:\Windows\Installer\$PatchCache$\Managed\26DDC2EC4210AC63483DF9D4FCC5B59D\3.5.30729\Chrome_manifest.3643236F_FC70_11D3_A536_0090278A1BB8 MIME - is OK (internal scanning not performed)
C:\Windows\Logs\CBS\CBS.log - error opening [4]
C:\Windows\Logs\CBS\CBS.persist.log - error opening [4]
C:\Windows\Logs\DPX\setupact.log - error opening [4]
C:\Windows\Logs\DPX\setuperr.log - error opening [4]
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config - error opening [4]
C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.cab CAB Chrome_manifest.3643236F_FC70_11D3_A536_0090278A1BB8 MIME - is OK (internal scanning not performed)
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\MicrosoftDotNetFrameworkAssistant.xpi ZIP chrome.manifest MIME - is OK (internal scanning not performed)
C:\Windows\Panther\UnattendGC\diagerr.xml - error opening [4]
C:\Windows\Panther\UnattendGC\diagwrn.xml - error opening [4]
C:\Windows\Panther\UnattendGC\setupact.log - error opening [4]
C:\Windows\Panther\UnattendGC\setuperr.log - error opening [4]
C:\Windows\security\database\secedit.sdb - error opening [4]
C:\Windows\System32\FastUv32.dll - error opening [4]
C:\Windows\System32\wmdtc.exe - error opening [4]
C:\Windows\System32\restore\MachineGuid.txt - error opening [4]
C:\Windows\System32\sysprep\Panther\diagerr.xml - error opening [4]
C:\Windows\System32\sysprep\Panther\diagwrn.xml - error opening [4]
C:\Windows\System32\sysprep\Panther\setupact.log - error opening [4]
C:\Windows\System32\sysprep\Panther\setuperr.log - error opening [4]
C:\Windows\System32\wbem\AutoRecover\0296C47314AB746EC35476488248FCD9.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\040270F850D5C3C91057DDDA2DA294D8.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\0DF617D6737A7561E732F853792261C3.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\1E2E58C73053C7775EB226DB5E739137.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\2A811E5CCC22CC9D7AE2B04EF0402688.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\2CE523184A801AA7361A7039E2D6B41D.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\2D57A7682ACD19214C258D31A06D008F.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\3460B7617E0429A960E481B197F238A3.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\376786241A5443E41378D25CF812FCC1.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\3DC0BABDCA20E5E319117C21BD4BD795.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\494C62FAA08CD5217399BAA555FF491B.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\4A01E0F376B5833EBA98F0D1D5F60CD1.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\4B471F64BAF831EC7945C820FD5A16E5.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\4CB32C0A77CD4D9B0C9618F73F786C32.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\5774C77265BE4C55B5C6C9718979E015.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\5966D45C7B25EACA46E87DD8E5703964.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\5B5D21CF62E70BACF9D085E6AA6CE143.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\69554D930FCA40B0304B9A43A8036F2D.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\75054C3771DF289038069A9BB1C1FB6E.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\7851AF96EA828F912853F32DB0D96138.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\7BDE76979585395D59B5DA1D62E63C50.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\7F417E1A6D819A9B2FEB55DA6858EA0A.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\87AA2A001CE3E89926688B93E4DC2992.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\8C718B5AFD373885B68D2836088CAF9A.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\903E49C444C46FEF5F2C3A189C9CEF71.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\96ABB1671705F680578FE240427CBD4F.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\9A72EE7775E8021F75961342B8AFD1B4.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\9CD33F0956942860B50AA1B9330DEFAF.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\9E06E4FE97F0CBB8D659894823F805D7.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\A80FF2DC09487ECD60AFB147B262BDD7.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\AA6E0E396C238977CA909EFD82299737.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\AA742824DCADA846BA4B665D686DD5D6.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\BBF206490BAA431B592F9A13534F43F6.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\D1A1B12A7DA3F9675C01397A26DBF4B3.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\D4C4BA54B6A8FA6211E60E2ADFF7426A.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\DE391013DA56ABA39FFF40A9ABDF052F.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\DF80FD3849FFF74B4BF43E2EA8ADEC8A.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\E9D8A460B2C986DD5FF19F299F4A27EC.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\EC45C70F2A3D9DED718E71631C38E2FE.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\F01326692CC5736EBAC31B9FC2381CF2.mof - error opening [4]
C:\Windows\System32\wbem\AutoRecover\F81E6BEBC3067C406E6C491608474198.mof - error opening [4]
C:\Windows\System32\winevt\Logs\Application.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\DFS Replication.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Key Management Service.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Client%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CorruptedFileRecovery-Server%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DateTimeControlPanel%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx.corrupt - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnostic%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticResolver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Forwarding%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Metrics.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TerminalServices-RDPClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winlogon%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Wired-AutoConfig%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\ODiag.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\OSession.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Security.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\Setup.evtx - error opening [4]
C:\Windows\System32\winevt\Logs\System.evtx - error opening [4]
C:\Windows\Tasks\At1.job - error opening [4]
C:\Windows\Tasks\At10.job - error opening [4]
C:\Windows\Tasks\At11.job - error opening [4]
C:\Windows\Tasks\At12.job - error opening [4]
C:\Windows\Tasks\At13.job - error opening [4]
C:\Windows\Tasks\At14.job - error opening [4]
C:\Windows\Tasks\At15.job - error opening [4]
C:\Windows\Tasks\At16.job - error opening [4]
C:\Windows\Tasks\At17.job - error opening [4]
C:\Windows\Tasks\At18.job - error opening [4]
C:\Windows\Tasks\At19.job - error opening [4]
C:\Windows\Tasks\At2.job - error opening [4]
C:\Windows\Tasks\At20.job - error opening [4]
C:\Windows\Tasks\At21.job - error opening [4]
C:\Windows\Tasks\At22.job - error opening [4]
C:\Windows\Tasks\At23.job - error opening [4]
C:\Windows\Tasks\At24.job - error opening [4]
C:\Windows\Tasks\At3.job - error opening [4]
C:\Windows\Tasks\At4.job - error opening [4]
C:\Windows\Tasks\At5.job - error opening [4]
C:\Windows\Tasks\At6.job - error opening [4]
C:\Windows\Tasks\At7.job - error opening [4]
C:\Windows\Tasks\At8.job - error opening [4]
C:\Windows\Tasks\At9.job - error opening [4]
C:\Windows\Tasks\Uniblue SpyEraser.job - error opening [4]
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd - error opening [4]
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16830_none_cf27e60e38f17483\dnary.xsd - error opening [4]
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.21023_none_cfbf2bc5520477a3\dnary.xsd - error opening [4]
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18226_none_d11ef65c360a818d\dnary.xsd - error opening [4]
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6002.18005_none_d31a09b83321829f\dnary.xsd - error opening [4]
E:\ - error opening [4]
F:\ - error opening [4]
G:\ - error opening [4]
H:\ - error opening [4]
I:\ - error opening [4]
Number of scanned objects: 478958
Number of threats found: 1
Number of cleaned objects: 0
Time of completion: 3:35:03 PM Total scanning time: 6089 sec (01:41:29)

Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.

Edit: Moved topic from Vista to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 trollocks

trollocks

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England
  • Local time:02:19 PM

Posted 19 September 2009 - 07:26 PM

seems like rootkit

brilliant help in am infected forum

i would suggest by posting there first

#3 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:09:19 AM

Posted 20 September 2009 - 08:31 PM

Did you run malwarebytes? Lets see a log


We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Direct Download (Recommended)
  • Zip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)

  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
  • Riight-click on rootrepeal.exe and rename it to tatertot.scr
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users