Whew! That took nearly six hours, during which time of course I couldn't use my system for anything else! Anyway, here's the log, with the ~100 MB (!!) of presumably useless "File was OK" messages edited out, of course (I highly doubt this forum could handle the entire thing, as even Notepad barely can
)
=============================================================================
Dr.Web Scanner for Windows v6.00.2 (6.00.2.05140)
(c) Doctor Web, Ltd., 1992-2010
Log generated on: 2010-07-08, 23:44:28 [OWNER-PC][owner]
Command line: "C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\cb1e5_xp.exe"
/lng /ini:setup_xp.ini /fast
Operating system: Windows Seven Premium x64/WOW (Build 7600)
=============================================================================
DwShield doesn't load
Engine version: 5.00 (5.00.2.03300)
Engine API version: 2.02
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\f72f8b85 -
823 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\f59d69a5 -
7998 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\f9b83964 -
29168 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\8d03e1e2 -
34202 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\0bc6dc15 -
28292 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\883efafc -
27164 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\79138d56 -
25131 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\aa6a8b8f -
31464 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\8d92e899 -
18281 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\df57f52f -
18009 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\e6a6f399 -
24685 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\eb23cf16 -
13715 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\86f12352 -
16025 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\70faebaf -
15644 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\04afdfb5 -
23265 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\7584b30f -
23135 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\10023e0c -
20510 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\9930c694 -
25475 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\76d9c989 -
16298 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\39e73f8a -
19357 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\5d6bac2a -
18381 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\18efa546 -
19562 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\42a65dd9 -
27102 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\8a4ab744 -
21223 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\ea20238f -
26228 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\f37fa412 -
23251 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\3a1b9bf6 -
14982 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\2d6ad0d0 -
17748 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\c2e0fcf6 -
18725 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\c8d21683 -
18429 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\fc8a0442 -
6229 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\4718d86e -
142240 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\b7a589f2 -
66726 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\af265669 -
24512 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\21aafd79 -
82762 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\d91dab36 -
508543 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\eb29214a -
587 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\9b125301 -
1959 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\af427890 -
2033 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\7557ee9a -
1812 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\3862db60 -
1738 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\2445575b -
1885 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\8ab49450 -
2091 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\5d93dc8b -
1569 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\9a38cddf -
1834 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\d8f649f0 -
1018 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\9f78d954 -
2297 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\5d803d5a -
2110 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\095c507e -
2007 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\4941e267 -
2370 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\3df513ae -
2241 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\6f9ba643 -
2596 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\8ca1d589 -
2024 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\baad09b8 -
1609 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\8db367b4 -
1471 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\2cec4a50 -
1445 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\606fbde9 -
1895 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\b283179b -
2312 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\23205ab4 -
3006 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\0247cf05 -
2146 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\71443fe5 -
1714 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\647e3e65 -
2095 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\aa797df8 -
2715 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\e90db8a4 -
2545 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\b5c50ad5 -
2801 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\7fe183f8 -
6197 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\ecc8ad90 -
28348 virus records
Total virus records: 1547754
[Self-checking] C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\cb1e5_xp.exe
Key file: C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-56FC85C6\setup.key
License key number: 0014068946
Registered to: An unauthorized User
License key activates on: 2010-03-16
License key expires on: 2010-09-16
Process in memory: C:\Windows\System32\smss.exe:228 - OK
Process in memory: C:\Windows\System32\csrss.exe:312 - OK
Process in memory: C:\Windows\System32\wininit.exe:348 - OK
Process in memory: C:\Windows\System32\csrss.exe:360 - OK
Process in memory: C:\Windows\System32\services.exe:404 - OK
Process in memory: C:\Windows\System32\lsass.exe:412 - OK
Process in memory: C:\Windows\System32\lsm.exe:440 - OK
Process in memory: C:\Windows\System32\winlogon.exe:468 - OK
Process in memory: C:\Windows\System32\svchost.exe:564 - OK
Process in memory: C:\Windows\System32\svchost.exe:636 - OK
Process in memory: C:\Windows\System32\svchost.exe:700 - OK
Process in memory: C:\Windows\System32\svchost.exe:736 - OK
Process in memory: C:\Windows\System32\svchost.exe:832 - OK
Process in memory: C:\Windows\System32\svchost.exe:892 - OK
Process in memory: C:\Windows\System32\svchost.exe:920 - OK
Process in memory: C:\Windows\System32\svchost.exe:128 - OK
Process in memory: C:\Windows\explorer.exe:1096 - OK
Process in memory: C:\Windows\System32\ctfmon.exe:1308 - OK
Process in memory: C:\_TEMP\_KILLIT\drweb-cureit.exe:2020 - OK
Process in memory: C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-
56FC85C6\985ee5.exe:756 - OK
Process in memory: C:\Windows\SysWOW64\ctfmon.exe:1200 - OK
Process in memory: C:\Users\owner\AppData\Local\Temp\3D788B89-8950E05-77C3C829-
56FC85C6\cb1e5_xp.exe:1468 - OK
[Memory scanning] No viruses found
Master Boot Record HDD1 - OK
Active OS/2 or WinNT Boot Sector HDD1 - OK
OS/2 or WinNT Boot Sector HDD1 - OK
OS/2 or WinNT Boot Sector HDD1 - OK
[Scan path] C:\Windows\system32
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-
601632D005A0 - OK
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-
601632D005A0 - OK
[...many megabytes of log material removed where files on disk were checked, all "OK"...]
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Scanned: 19361
Infected: 0
Modifications: 0
Suspicious: 0
Adware: 0
Dialers: 0
Jokes: 0
Riskware: 0
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 0
Ignored: 0
Scan speed: 1922 Kb/s
Scan time: 0:11:36
-----------------------------------------------------------------------------
Master Boot Record HDD1 - OK
Active OS/2 or WinNT Boot Sector HDD1 - OK
OS/2 or WinNT Boot Sector HDD1 - OK
OS/2 or WinNT Boot Sector HDD1 - OK
[Scan path] C:\
C:\FINIS_IT.TXT - OK
C:\IPH.PH - OK
[...over 90 MB of log material removed where files were all "OK" with two exceptions, below:]
>>>C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-
85EF591126E7}\Norton\QBackup\{7F9F4FB6-7984-499B-9B76-24EFE7862B84}\{2D62FD9A-DB0F-44F7-AF9B-
49318AD01F54}.qbd/data001 infected with BackDoor.Tdss.2459
>C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-
85EF591126E7}\Norton\QBackup\{7F9F4FB6-7984-499B-9B76-24EFE7862B84}\{2D62FD9A-DB0F-44F7-AF9B-
49318AD01F54}.qbd - archive contains infected objects - moved
[...and futher down:]
>>>C:\Documents and Settings\owner\DoctorWeb\Quarantine\{2D62FD9A-DB0F-44F7-AF9B-
49318AD01F54}.qbd/data001 infected with BackDoor.Tdss.2459
>C:\Documents and Settings\owner\DoctorWeb\Quarantine\{2D62FD9A-DB0F-44F7-AF9B-49318AD01F54}.qbd
- archive contains infected objects - moved
[...finally:]
D:\System Volume Information\tracking.log - OK
D:\System Volume Information\EfaData\SYMEFA.DB - OK
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Scanned: 813751
Infected: 2
Modifications: 0
Suspicious: 0
Adware: 0
Dialers: 0
Jokes: 0
Riskware: 0
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 2
Ignored: 0
Scan speed: 207 Kb/s
Scan time: 5:03:29
-----------------------------------------------------------------------------
=============================================================================
Total session statistics
=============================================================================
Scanned: 833112
Infected: 2
Modifications: 0
Suspicious: 0
Adware: 0
Dialers: 0
Jokes: 0
Riskware: 0
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 2
Ignored: 0
Scan speed: 48 Kb/s
Scan time: 5:15:09
=============================================================================