Sophos Anti-Virus Version 4.23.0 [Win32/Intel] Virus data version 4.23E, November 2007 Includes detection for 305713 viruses, trojans and worms Copyright (c) 1989-2007 Sophos Plc, www.sophos.com System time 11:39:01, System date 03 November 2007 Command line qualifiers are: -di -remove -f -all -mime -mbr -noc -archive -opt=ISCabinet --stop-scan IDE directory is: c:\AV-CLS\Sophos Using IDE file mdro-bpx.ide Using IDE file mediad-a.ide Using IDE file agen-gek.ide Using IDE file agen-geo.ide Using IDE file agen-gep.ide Using IDE file agnt-gdz.ide Using IDE file allap-f.ide Using IDE file alman-d.ide Using IDE file autorn-g.ide Using IDE file autoru-f.ide Using IDE file bagdl-db.ide Using IDE file bagle-ta.ide Using IDE file bank-ejk.ide Using IDE file batkil-b.ide Using IDE file bdoorahj.ide Using IDE file beha-146.ide Using IDE file beha-154.ide Using IDE file behav147.ide Using IDE file bifros-f.ide Using IDE file bo2k-d.ide Using IDE file chilin-a.ide Using IDE file conhk-ah.ide Using IDE file conho-ai.ide Using IDE file delf-eyn.ide Using IDE file diazom-c.ide Using IDE file dlda-gen.ide Using IDE file dloa-bex.ide Using IDE file dload-r.ide Using IDE file dorf-aa.ide Using IDE file dorf-ad.ide Using IDE file dr-x.ide Using IDE file dref-ar.ide Using IDE file drppr-rv.ide Using IDE file dwnl-gen.ide Using IDE file dwnl-gyi.ide Using IDE file encpk-af.ide Using IDE file encpk-bf.ide Using IDE file fakev-ai.ide Using IDE file feardgen.ide Using IDE file feebs-b.ide Using IDE file feebs-bx.ide Using IDE file feebs-c.ide Using IDE file flood-ii.ide Using IDE file forbo-gt.ide Using IDE file fujac-as.ide Using IDE file gmin-a.ide Using IDE file injec-bu.ide Using IDE file ircb-yu.ide Using IDE file ircbo-yq.ide Using IDE file jenny-a.ide Using IDE file klone-n.ide Using IDE file lcjump-b.ide Using IDE file line-cg.ide Using IDE file line-ch.ide Using IDE file look-ea.ide Using IDE file lpet-a.ide Using IDE file smal-eko.ide Using IDE file agen-geg.ide Using IDE file mypis-b.ide Using IDE file naplik-a.ide Using IDE file netskybr.ide Using IDE file pahati-a.ide Using IDE file poebo-mw.ide Using IDE file pws-apa.ide Using IDE file qhostc.ide Using IDE file ranky-bd.ide Using IDE file rbot-guj.ide Using IDE file rbot-gul.ide Using IDE file rbot-gun.ide Using IDE file rbot-guo.ide Using IDE file rbot-gup.ide Using IDE file rbot-gur.ide Using IDE file rbot-guv.ide Using IDE file reapal-a.ide Using IDE file recto-a.ide Using IDE file rell-gen.ide Using IDE file renos-ah.ide Using IDE file rival-b.ide Using IDE file sbot-dij.ide Using IDE file sdbo-die.ide Using IDE file sdbt-dib.ide Using IDE file seppuk-d.ide Using IDE file shipup-m.ide Using IDE file silfd-bc.ide Using IDE file vb-dxq.ide Using IDE file sohan-am.ide Using IDE file spywadas.ide Using IDE file squatb-d.ide Using IDE file stradle.ide Using IDE file tanto-f.ide Using IDE file tesla-a.ide Using IDE file tibs-tk.ide Using IDE file tileb-kj.ide Using IDE file tileb-kl.ide Using IDE file tmdrop-a.ide Using IDE file unif-b.ide Using IDE file vanbot-n.ide Using IDE file vb-dxo.ide Using IDE file virut-p.ide Using IDE file vblame-f.ide Using IDE file vbw-c.ide Using IDE file vetor-e.ide Using IDE file vetor-f.ide Using IDE file vetor-g.ide Using IDE file virtum-x.ide Using IDE file virut-q.ide Using IDE file volage-d.ide Using IDE file zl-afh.ide Using IDE file zlob-afd.ide Using IDE file zlob-aff.ide Using IDE file zlob-afi.ide Using IDE file zlobmi-c.ide Full Scanning Could not open c:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat Could not open c:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat.LOG Could not open c:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat Could not open c:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat.LOG Could not open c:\Dokumente und Einstellungen\Seppe\Anwendungsdaten\Mozilla\Firefox\Profiles\v737s540.default\parent.lock Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\sEppE92@web.de\SharingMetadata\pending.dat Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\sEppE92@web.de\SharingMetadata\Working\database_3E54_75B4_5475_6F8F\dfsr.db Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\sEppE92@web.de\SharingMetadata\Working\database_3E54_75B4_5475_6F8F\fsr.log Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\sEppE92@web.de\SharingMetadata\Working\database_3E54_75B4_5475_6F8F\fsrtmp.log Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\sEppE92@web.de\SharingMetadata\Working\database_3E54_75B4_5475_6F8F\tmp.edb Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Anwendungsdaten\Microsoft\Windows\UsrClass.dat.LOG Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Temp\~DF6590.tmp Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Temp\~DF65A5.tmp Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Temp\~DF9F3A.tmp Could not open c:\Dokumente und Einstellungen\Seppe\Lokale Einstellungen\Temp\~DF9F4E.tmp Could not open c:\Programme\BOINC\slots\0\boinc_lockfile Aborted checking c:\Programme\GUILD WARS\Gw.dat - appears to be a 'zip bomb' >>> Virus 'Troj/Keygen-BE' found in file c:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP462\A0143272.exe Removal successful >>> Virus 'Joke/BadGame-A' found in file c:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP474\A0145747.exe Removal successful >>> Virus 'Joke/BadGame-A' found in file c:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP477\A0146536.exe Removal successful >>> Virus 'Joke/Buttons-A' found in file c:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP477\A0146537.exe Removal successful >>> Virus 'Mal/Packer' found in file c:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP497\A0154736.exe Removal successful >>> Virus 'Mal/Packer' found in file c:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP498\A0154818.exe Removal successful Could not open c:\WINDOWS\system32\config\system.LOG Could not open c:\WINDOWS\system32\drivers\sptd.sys >>> Virus 'Joke/Buttons-A' found in file d:\Fun\langew.exe Removal successful >>> Virus 'Mal/Behav-023' found in file d:\Games\Call of Duty\CoDUOSP.exe Removal successful Aborted checking d:\Games\Crysis\Download+Install\crysis.rar - appears to be a 'zip bomb' Aborted checking d:\Games\Guild Wars\Gw.dat - appears to be a 'zip bomb' Aborted checking d:\Games\Steam\steamapps\counter-strike source shared.gcf - appears to be a 'zip bomb' Aborted checking d:\Games\Steam\steamapps\source materials.gcf - appears to be a 'zip bomb' >>> Virus 'Troj/Keygen-BE' found in file d:\Progiez\TuneUp Utilities 2007\TuneUp Utilities Keygen\150a6aa8655b96a6228d44bb70bae47186c.zip\keygen.exe Removal successful >>> Virus 'Troj/Keygen-BE' found in file d:\Progiez\TuneUp Utilities 2007\TuneUp Utilities Keygen\keygen.exe Removal successful >>> Virus 'Mal/Packer' found in file d:\System Volume Information\_restore{1684232A-6249-442F-9785-124686A90B65}\RP1\A0000045.exe Removal successful Could not check d:\System Volume Information\_restore{1684232A-6249-442F-9785-124686A90B65}\RP42\A0000822.exe\SfxArchiveData\Sarc0000 (corrupt) >>> Virus 'Troj/VB-DXM' found in file d:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP470\A0144878.exe Removal successful >>> Virus 'Joke/BadGame-A' found in file d:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP485\A0149970.exe Removal successful >>> Virus 'Joke/Buttons-A' found in file d:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP498\A0154911.exe Removal successful >>> Virus 'Mal/Behav-023' found in file d:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP498\A0154912.exe Removal successful >>> Virus 'Troj/Keygen-BE' found in file d:\System Volume Information\_restore{38FC247B-F908-4627-A64E-3AA8E1E93727}\RP498\A0154926.exe Removal successful Could not open PHYSICAL:0081:0000:0000:0001 Could not open PHYSICAL:0082:0000:0000:0001 Could not open PHYSICAL:0083:0000:0000:0001 Could not open PHYSICAL:0084:0000:0000:0001 5 master boot records swept. 154083 files swept in 3 hours, 42 minutes and 45 seconds. 29 errors were encountered. 16 viruses were discovered. 16 files out of 154083 were infected. Please send infected samples to Sophos for analysis. For advice consult www.sophos.com, email support@sophos.com or telephone +44 1235 559933 Ending Sophos Anti-Virus.