NOD32 Log.. Extensive Error's

Discussion in 'NOD32 version 2 Forum' started by UPSer, Oct 13, 2007.

Thread Status:
Not open for further replies.
  1. UPSer

    UPSer Registered Member

    Joined:
    Oct 13, 2007
    Posts:
    17
    Location:
    Rhode Island
    Something does not seem right here.

    Scan performed at: 10/13/2007 13:21:53 PM
    Scanning Log
    NOD32 version 2590 (20071012) NT
    Operating memory - is OK
    MBR sector of the 3. physical disk - Error reading disk sector

    Date: 13.10.2007 Time: 13:22:00
    Anti-Stealth technology is enabled.
    Scanned disks, folders and files: C:; D:; E:
    D:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4]
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »arrow1.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »arrow2.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bck1.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bck2.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt11.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt12.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt13.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt21.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt22.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt23.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt31.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt32.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt33.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt41.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt42.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt43.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt51.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt52.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt53.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt61.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »bt62.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »checkbox1.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »checkbox2.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »checkbox3.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »checkbox4.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »default.skn - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »defbtn1.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »defbtn2.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »defbtn3.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »glyph1.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »glyph2.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »glyph3.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »glyph4.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »glyph5.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »glyph6.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »glyph7.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »main.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »preview.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »sprite1.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »tab1.bmp - error - password-protected file
    D:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP216\A0024664.exe »WISE »Ad-Aware SE default.ask »ZIP »tab2.bmp - error - password-protected file
    E:\hiberfil.sys - error opening (File locked) [4]
    E:\pagefile.sys - error opening (File locked) [4]
    E:\AOL Instant Messenger\AIM.exe »WISE »WxBug.EXE »WISE »MiniBugTransporter.dll - Win32/Adware.WBug.A application
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterAntiVirusDisableNotify.zip »ZIP »sbRecovery.reg - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterAntiVirusDisableNotify.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallDisableNotify.zip »ZIP »sbRecovery.reg - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallDisableNotify.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterUpdateDisableNotify.zip »ZIP »sbRecovery.reg - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterUpdateDisableNotify.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDirectVideo.zip »ZIP »sbRecovery.reg - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDirectVideo.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDNSChanger.zip »ZIP »sbRecovery.reg - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDNSChanger.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDNSChanger1.zip »ZIP »sbRecovery.reg - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDNSChanger1.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDNSChanger2.zip »ZIP »sbRecovery.reg - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobDNSChanger2.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobMovieBox.zip »ZIP »kdohe.exe - error - password-protected file
    E:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\ZlobMovieBox.zip »ZIP »sbRecovery.ini - error - password-protected file
    E:\Documents and Settings\kyle\ntuser.dat - error opening (File locked) [4]
    E:\Documents and Settings\kyle\ntuser.dat.LOG - error opening (File locked) [4]
    E:\Documents and Settings\kyle\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 10-12-2007 - 22-58-39.SBU »ZIP »{12DD4DDD-6EFF-4478-8469-5E9FB67FE7A1} - error - password-protected file
    E:\Documents and Settings\kyle\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 10-12-2007 - 22-58-39.SBU »ZIP »{1DF66F4D-5EA9-451B-BDE3-E3A73F5458C9} - error - password-protected file
    E:\Documents and Settings\kyle\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 10-12-2007 - 22-58-39.SBU »ZIP »{2A226862-60AA-4F01-AC11-3782BFD07874} - error - password-protected file
    E:\Documents and Settings\kyle\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 10-12-2007 - 22-58-39.SBU »ZIP »{94EA324A-9013-46FA-98E8-903D463ED427} - error - password-protected file
    E:\Documents and Settings\kyle\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 10-12-2007 - 22-58-39.SBU »ZIP »{9CE7375A-8FDD-4F33-B404-66DDAE0EAB14} - error - password-protected file
    E:\Documents and Settings\kyle\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 10-12-2007 - 22-58-39.SBU »ZIP »backup.db - error - password-protected file
    E:\Documents and Settings\kyle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
    E:\Documents and Settings\kyle\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
    E:\Documents and Settings\LocalService\NTUSER.DAT - error opening (File locked) [4]
    E:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening (File locked) [4]
    E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
    E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
    E:\Documents and Settings\NetworkService\NTUSER.DAT - error opening (File locked) [4]
    E:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening (File locked) [4]
    E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
    E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »agent_lang_helper.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »agentins.ini - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »agntcons.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »agntinst.htm - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »agntinst.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »agntlang.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »default.htm - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »header.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »HtmlUtil.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »images/bg_left_1x314.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »images/icon_info_16x16.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »images/icon_mcafee_61x61.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »images/icon_progress_checked_13x13.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »images/icon_progress_hot_13x13.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »images/icon_progress_unchecked_13x13.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »InstUtil.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »instwiz.css - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »instxp.css - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »lang_agnt.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »mcccom.lpk - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »pbar.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »setcss.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »SubInfoData.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentins.ui »ZIP »vssver.scc - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »countries.js - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »default.htm - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »header.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »HtmlUtil.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »images/bg_left_1x314.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »images/icon_info_16x16.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »images/icon_mcafee_61x61.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »images/icon_progress_checked_13x13.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »images/icon_progress_hot_13x13.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »images/icon_progress_unchecked_13x13.gif - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »install.htm - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »instwiz.css - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »instxp.css - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »lang_countries.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »lang_vso.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »mcccom.lpk - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »pbar.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »setcss.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »VsoConst.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »vsoins.ini - error - password-protected file
    E:\MAV\mavinst.exe »WISE »vsoins.ui »ZIP »VSOPropConst.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »agntcons.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »agntlang.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »comctl.lpk - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »config.ini - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »pbar.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »UnInsStr.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »uninst.vbs - error - password-protected file
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »uninstall.htm - incorrect CRC checksum, the file may be damaged
    E:\MAV\mavinst.exe »WISE »agentcfg.cab »CAB »screm.ui »ZIP »vssver.scc - error - password-protected file
    E:\Program Files\AIM\Sysfiles\WxBug.EXE »WISE »MiniBugTransporter.dll - Win32/Adware.WBug.A application
    E:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp_ImageTool\root.img »GZ - archive damaged
    E:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4]
    E:\System Volume Information\_restore{F9C8C97F-AE08-42AB-ACC6-AB4197C3FE23}\RP214\A0024514.exe - a variant of Win32/Rbot trojan
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kd8650p1.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kd9000p1.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kd92p001.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kdcolor1.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kdep7016.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kdh00001.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kdsui.dll - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kdsusd.dll - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »km100pue.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »km1800ue.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »km3800ue.ppd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmci1100.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmd2800p.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmdp1400.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmdp1800.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmdp2800.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmdp3600.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmixer.sys - archive damaged - the file could not be extracted.
    E:\WINDOWS\Driver Cache\i386\driver.cab »CAB »kmkm4230.gpd - archive damaged - the file could not be extracted.
    E:\WINDOWS\system32\CatRoot2\edb.log - error opening (File locked) [4]
    E:\WINDOWS\system32\CatRoot2\tmp.edb - error opening (File locked) [4]
    E:\WINDOWS\system32\config\default - error opening (File locked) [4]
    E:\WINDOWS\system32\config\default.LOG - error opening (File locked) [4]
    E:\WINDOWS\system32\config\SAM - error opening (File locked) [4]
    E:\WINDOWS\system32\config\SAM.LOG - error opening (File locked) [4]
    E:\WINDOWS\system32\config\SECURITY - error opening (File locked) [4]
    E:\WINDOWS\system32\config\SECURITY.LOG - error opening (File locked) [4]
    E:\WINDOWS\system32\config\software - error opening (File locked) [4]
    E:\WINDOWS\system32\config\software.LOG - error opening (File locked) [4]
    E:\WINDOWS\system32\config\system - error opening (File locked) [4]
    E:\WINDOWS\system32\config\system.LOG - error opening (File locked) [4]
    Number of scanned files: 134820
    Number of threats found: 3
    Number of active threats: 3
    Time of completion: 14:36:30 Total scanning time: 4470 sec (01:14:30)

    Notes:
    [4] File cannot be opened. It may be in use by another application or operating system.
     
  2. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi

    1) Properties on My computer - Switch off The system recovery - restart PC - switch on recovery


    2) Test these files on virustotal.com =>

    E:\Program Files\AIM\Sysfiles\WxBug.EXE
    E:\AOL Instant Messenger\AIM.exe

    3) There are a lot of damaged and protected files with password


    :thumb:
     
  3. UPSer

    UPSer Registered Member

    Joined:
    Oct 13, 2007
    Posts:
    17
    Location:
    Rhode Island
    I dont see the Recovery option, Just restore. The Recovery on my system is on its own partition because of the HP Recovery tool that is come with.

    Also I have not set any passwords on this computer?? o_O
     
  4. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Yes, "recovery" will be "restore".;)


    Delete all files from quarantine of Super antispyware and test this file on virustotal, too:

    E:\MAV\mavinst.exe

    :thumb:
     
  5. UPSer

    UPSer Registered Member

    Joined:
    Oct 13, 2007
    Posts:
    17
    Location:
    Rhode Island
    So in this order?

    1. Properties on My computer - Switch off The system recovery - restart PC - switch on recovery

    then test
    E:\Program Files\AIM\Sysfiles\WxBug.EXE
    E:\AOL Instant Messenger\AIM.exe
    E:\MAV\mavinst.exe

    or test while recovery is disabled?
     
  6. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    It isn't so important.;)


    And we have to solve the problem with this: Error reading disk sector

    I will find something for that.:thumb:
     
  7. UPSer

    UPSer Registered Member

    Joined:
    Oct 13, 2007
    Posts:
    17
    Location:
    Rhode Island
    Heres AIM.exe (Instead of screenshot ill just post the infected lines.)

    Avast 4.7.1051.0 2007.10.13 Win32:Adware-gen.
    BitDefender 7.2 2007.10.13 Adware.AWS.A
    eSafe 7.0.15.0 2007.10.10 Win32.Looked.P
    NOD32v2 2590 2007.10.13 Win32/Adware.WBug.A
    Sophos 4.22.0 2007.10.13 DataApp Installer

    How can AIM be a virus? or could one be embedded in the program it self? Should I remove it with NOD or should I just uninstall and reinstall a new app.?

    Next, weather bug is a weather monitor, but I dont understand how it can be a virus as it is supported by schools and weather stations nationwide. Or could it could be the same embedding issue as AIM? Im not too worries about this one because I never use it.

    Now here is my mavinst.exe

    NOD32v2 2590 2007.10.13 error - password-protected file

    I do not understand why it says its Password protected!!!
     
  8. MinhPhanVn

    MinhPhanVn Registered Member

    Joined:
    Oct 13, 2007
    Posts:
    6
    Location:
    Việt Nam
    Password Protected mean that it was unable to open it, there was password in that tool
     
  9. MinhPhanVn

    MinhPhanVn Registered Member

    Joined:
    Oct 13, 2007
    Posts:
    6
    Location:
    Việt Nam
Thread Status:
Not open for further replies.