Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 "Access Denied" and other insanity


  • Please log in to reply
10 replies to this topic

#1 WatchtheCollapse

WatchtheCollapse

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 14 June 2011 - 02:38 AM

A friend of mine asked me to look at his HP G71-358NR Notebook, claiming there was a virus or something on it. I loaded it up, clicked around a bit and didn't notice anything out of the ordinary.

Then I tried to access his device manager and received a "Network Error" stating "Windows cannot access..." followed by a long string of characters.

I tried to open his C: Drive and got a "Location is not available" error "Access is denied" prompt. Then I tried to change it's security settings under "Advanced security settings for local disk" to see if it would grant me access, but his name was the only one that appeared under "Change Owner To" and it was greyed out so I couldn't select it. Clicking "Edit" brings up a "Can't open access control editor. Access is denied" prompt.

I then tried updating his computer (which was over 40 important updates behind) but got a "You need to provide administrator permission" prompt.

Then I tried booting it in safe mode through msconfig and got "Windows cannot access C:\Windows\system32\msconfig.exe"

I restarted it and did the F8 method which worked. Tried everything above again in safe mode. Same results

I used the "net user administrator /active:yes" command in the cmd prompt. It gave me access to the hidden administrator profile. Tried everything above yet again. Same results.

The I went into safe mode with networking under the administrator profile to download malwarebytes. After attempting to install it in Program Files the computer informed me the directory was not accessible and to browse for another location to save the file. I click the browse button and "Access is denied".

I tried downloading the malwarebytes exe file from another computer and saving to a usb drive. I plugged the drive into his laptop, tried moving the file to his desktop. "C: Drive is not accessible. Access is denied"

I've tried changing the UAC settings. It won't even appear. The screen just flickers
I've tried System Restore. Nothing
I even tried System Recovery. Nothing

Granted, I'm not very familiar with the Windows 7 OS, but I've never seen anything like this before in my life. This is absolutely ridiculous! It's like he's completely locked out of his own computer.

I've never had to indian wrestle with an OS just to run a simple virus scan! And after all this I'm convinced a virus is the least of his problem

Any and all help will be greatly appreciated.

(Edit: And I just realized this is in the wrong forum. My apologies.)

Edited by hamluis, 14 June 2011 - 08:42 AM.
Moved from Vista to Win 7.


BC AdBot (Login to Remove)

 


#2 caperjac

caperjac

  • Members
  • 1,649 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NS. CAN
  • Local time:04:02 AM

Posted 14 June 2011 - 10:36 AM

I've never had to Indian wrestle with an OS just to run a simple virus scan! And after all this I'm convinced a virus is the least of his problem


that's only because you never had this infection on the other OS

i think your post should have been mover to the" am i infected"section this forum.
http://www.bleepingcomputer.com/forums/topic182397.html

Edited by caperjac, 14 June 2011 - 10:38 AM.

My answers are my opinion only,usually


#3 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:12:02 AM

Posted 15 June 2011 - 03:49 AM

Have you checked the disk for errors?

1. Click the Start button Picture of the Start button.
2. In the Search box, type command prompt.
3. In the list of results, right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
4. In the command prompt, type chkdsk /r C:
5. Chkdsk will report that it cannot check the disk and ask you if you want to schedule a check on the next reboot. Say yes and reboot.

The /r option specifies a very thorough check, so the check will take a long time.


If the check finds no errors, try using the System File Checker utility to verify the Windows core system files:
1. Open an elevated command prompt as specified in the previous steps.
2. In the command prompt type sfc /scannow

The System File Checker will start verifying that all system files are undamaged and unaltered. If any files are found to be damaged, Windows will attempt to repair them or will prompt you for your installation DVD to copy them over from.


If neither the chkdsk or sfc programs find problems, or if they can't run, post back.

#4 WatchtheCollapse

WatchtheCollapse
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 15 June 2011 - 10:35 AM

chkdsk scan came back clean.
sfc said "windows resource protection did not find any integrity violations"

#5 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:12:02 AM

Posted 15 June 2011 - 12:10 PM

Perhaps it is an infection, then.

You can try using a bootable virus scanner like Kaspersky Rescue Disk. The Rescue Disk ought to be able to scan even if active malware is blocking access in Windows.

If that doesn't work or if you prefer not to download the Rescue Disk, then caperjac has the right idea in pointing you the Am I Infected? forum as that's where the malware experts tend to hang out.

#6 WatchtheCollapse

WatchtheCollapse
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 15 June 2011 - 03:08 PM

I ran the Kaspersky scan. It found 50 infected files, but the computer is atill bombarding me with "access denied" prompts. Can this topic be moved to the Malware forums or should I start a new thread?

#7 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:12:02 AM

Posted 15 June 2011 - 04:02 PM

Moved.

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:02 AM

Posted 21 June 2011 - 01:33 PM

Can you post some logs of what is being detected?

#9 WatchtheCollapse

WatchtheCollapse
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 21 June 2011 - 06:46 PM

I could have missed it, but I didn't see where the Kaspersky Rescue Disk saved a log of it's scan.

I do know that after running malwarebyes from a data stick it found Trojan.FakeAV.Gen, Trojan.LVBP and Trojan.Agent. Whatever has infected this computer Kaspersky seemed to have removed quite a bit of it, but I'm still locked out of everything even after logging in as the administrator. Even RKill receives cascading "Installation Failed" prompts when I try to use it.

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:02 AM

Posted 21 June 2011 - 06:52 PM

Did it save a log file to the data stick?

#11 WatchtheCollapse

WatchtheCollapse
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 22 June 2011 - 04:49 PM

Apparently the Kaspersky scan did save logs. Sorry about that, I had never used this program before. This is from the scan I did 7 days ago, and one I did today.





Virus Scan: completed 7 days ago (events: 113, objects: 1936145, time: 01:53:19)
6/15/11 1:51 PM Task started
6/15/11 2:16 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/8ORTT1CE/campaign[1].htm
6/15/11 2:17 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/8ORTT1CE/campaign[1].htm
6/15/11 2:17 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/Y1U0MU7S/dataCAEDO5M1.aspx
6/15/11 2:17 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/Y1U0MU7S/dataCAEDO5M1.aspx
6/15/11 2:17 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/Y1U0MU7S/51[1]
6/15/11 2:17 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/Y1U0MU7S/51[1]
6/15/11 2:17 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/ZH6V13LI/map-1.6.0[1].xml
6/15/11 2:17 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/ZH6V13LI/map-1.6.0[1].xml
6/15/11 2:17 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/159[1]
6/15/11 2:17 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/159[1]
6/15/11 2:17 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/channels;s=a;tile=1;sz=728x90;ord=2941875904876583[1]
6/15/11 2:17 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/channels;s=a;tile=1;sz=728x90;ord=2941875904876583[1]
6/15/11 2:17 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/51[2]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/51[2]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/button[1].htm
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/4ESFHBJC/button[1].htm
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/ads[2]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/ads[2]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/reebok_com[1]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/reebok_com[1]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/51[3]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/51[4]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/51[3]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/51[5]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/51[4]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/6LXDWK0P/51[5]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/ads[1]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/ads[1]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/51[4]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/51[5]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/51[4]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/51[6]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/51[5]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/BH74QSOA/51[6]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/reebak_com[1]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/reebak_com[1]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/generic[2].js
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/generic[2].js
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/ads[3]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/51[1]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/ads[3]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/DRYTVNAG/51[1]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/challenge[1]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/challenge[1]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/fwlink[1]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/fwlink[1]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[6]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[5]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[6]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[7]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[5]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[8]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[7]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[9]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[8]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/GLAEBYFS/51[9]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/51[3]
6/15/11 2:18 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/51[6]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/51[3]
6/15/11 2:18 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/51[6]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/20017542[1]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/20017542[1]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/cmn_complex[1].js
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/cmn_complex[1].js
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/knoxnews_com[1]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/VN58DV0V/knoxnews_com[1]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/MLB[1]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/MLB[1]
6/15/11 2:19 PM Detected: Exploit.JS.Pdfka.doi sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/xzxvxpxnjqfmfz[1].pdf/data0009
6/15/11 2:19 PM Detected: Exploit.JS.Pdfka.doi sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/xzxvxpxnjqfmfz[1].pdf/data0015
6/15/11 2:19 PM Deleted: Exploit.JS.Pdfka.doi sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/xzxvxpxnjqfmfz[1].pdf
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/51[4]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/51[5]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/51[4]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/51[5]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/hnd[1].ashx
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/home;s=a;tile=6;sz=1020x400;ord=2941875904876583[1]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/hnd[1].ashx
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/XTOS3O6K/home;s=a;tile=6;sz=1020x400;ord=2941875904876583[1]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/channels;s=a;tile=2;sz=300x250;ord=2941875904876583[1]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/channels;s=a;tile=2;sz=300x250;ord=2941875904876583[1]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[2]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[1]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[2]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[3]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[1]
6/15/11 2:19 PM Detected: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[4]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[3]
6/15/11 2:19 PM Deleted: Trojan.HTML.Fraud.di sda2/Users/Montario Washington/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/Y4Q4CUWN/51[4]
6/15/11 2:21 PM Detected: Trojan-Downloader.Java.OpenConnection.bu sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/15/368ee0f-5d0737a6/bpac/a.class
6/15/11 2:21 PM Detected: Trojan.Java.Agent.am sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/15/368ee0f-5d0737a6/bpac/b.class
6/15/11 2:21 PM Detected: Trojan-Downloader.Java.OpenConnection.cg sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/15/368ee0f-5d0737a6/bpac/KAVS.class
6/15/11 2:21 PM Deleted: Trojan-Downloader.Java.OpenConnection.cg sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/15/368ee0f-5d0737a6
6/15/11 2:21 PM Detected: Trojan-Downloader.Java.OpenStream.as sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/21/115bbe55-74924da0/cpak/Crimepack.class
6/15/11 2:21 PM Deleted: Trojan-Downloader.Java.OpenStream.as sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/21/115bbe55-74924da0
6/15/11 2:21 PM Detected: Trojan-Downloader.Java.Agent.fx sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/39/bc9d527-7f1f1283/gogol/Emailer.class
6/15/11 2:22 PM Detected: Exploit.Java.Agent.f sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/39/bc9d527-7f1f1283/gogol/Familie.class
6/15/11 2:22 PM Detected: Trojan-Downloader.Java.Agent.fy sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/39/bc9d527-7f1f1283/gogol/PhonBook.class
6/15/11 2:22 PM Deleted: Trojan-Downloader.Java.Agent.fy sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/39/bc9d527-7f1f1283
6/15/11 2:22 PM Detected: Exploit.Java.CVE-2010-0094.b sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/46/23109c6e-451faf19/Exploit.class
6/15/11 2:22 PM Detected: Exploit.Java.CVE-2010-0094.q sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/46/23109c6e-451faf19/PayloadCreater.class
6/15/11 2:22 PM Detected: Exploit.Java.CVE-2010-0094.q sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/46/23109c6e-451faf19/PayloadClassLoader.class
6/15/11 2:22 PM Deleted: Exploit.Java.CVE-2010-0094.q sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/46/23109c6e-451faf19
6/15/11 2:22 PM Detected: Trojan-Downloader.Java.OpenConnection.cf sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/53/575d3075-54d0b2ac/bpac/a.class
6/15/11 2:22 PM Detected: Trojan.Java.Agent.am sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/53/575d3075-54d0b2ac/bpac/b.class
6/15/11 2:22 PM Detected: Trojan-Downloader.Java.OpenConnection.cg sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/53/575d3075-54d0b2ac/bpac/KAVS.class
6/15/11 2:22 PM Deleted: Trojan-Downloader.Java.OpenConnection.cg sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/53/575d3075-54d0b2ac
6/15/11 2:22 PM Detected: Trojan.Java.Agent.ab sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/7/71eaae07-1f7201be/Is.class
6/15/11 2:22 PM Detected: Trojan.Java.Agent.aa sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/7/71eaae07-1f7201be/MyName.class
6/15/11 2:22 PM Detected: Trojan.Java.Agent.ac sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/7/71eaae07-1f7201be/Phone.class
6/15/11 2:22 PM Deleted: Trojan.Java.Agent.ac sda2/Users/Montario Washington/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/7/71eaae07-1f7201be
6/15/11 3:44 PM Task completed
Virus Scan: completed 13 minutes ago (events: 2, objects: 783012, time: 01:13:48)
6/22/11 2:54 PM Task started
6/22/11 4:08 PM Task completed




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users