Thread: howaboutadog
View Single Post
Old 10-15-2007, 02:50 PM   #11 (permalink)
WJW
Registered User
 
Join Date: Oct 2007
Posts: 12
OS: xp


Re: howaboutadog
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, October 15, 2007 11:00:00 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 15/10/2007
Kaspersky Anti-Virus database records: 436189
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 118143
Number of viruses found: 8
Number of infected objects: 96
Number of suspicious objects: 0
Duration of the scan process: 01:49:27

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-10-15_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\MSHist012007101420071015\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DF6531.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DF6545.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DF96DC.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Compaq_Owner\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped
C:\hp\bin\wbug\HPSummer2005.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\hp\bin\wbug\HPSummer2005.exe WiseSFX: infected - 1 skipped
C:\hp\bin\wbug\HPSummer2005.exe WiseSFX Dropper: infected - 1 skipped
C:\Program Files\Altnet\Download Manager\asm.exe Infected: not-a-virus:AdWare.Win32.Altnet.l skipped
C:\Program Files\Altnet\Download Manager\asmps.dll Infected: not-a-virus:AdWare.Win32.Altnet.t skipped
C:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\L0000002.FCS Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0030NAV~.TMP Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0384NAV~.TMP Object is locked skipped
C:\qoobox\Quarantine\C\Program Files\RXToolBar\RXToolBar.dll.vir Infected: not-a-virus:AdWare.Win32.RXBar.f skipped
C:\qoobox\Quarantine\C\Program Files\TBONBin\bak\tbon.exe.vir Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\qoobox\Quarantine\C\Program Files\TBONBin\tbon.exe.vir Infected: Trojan.Win32.Agent.bxj skipped
C:\qoobox\Quarantine\C\Program Files\TBONBin\Uninstall.exe.vir Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP624\A0068144.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP624\A0068237.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP625\A0068259.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP628\A0068334.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP633\A0068430.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP633\A0068463.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP637\A0068646.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP641\A0068742.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP649\A0068947.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP650\A0069093.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP657\A0069236.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP659\A0069287.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP661\A0069327.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP663\A0070327.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP664\A0070417.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP664\A0070432.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP665\A0070463.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP667\A0070511.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP669\A0070541.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP672\A0070615.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP675\A0070693.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP677\A0070961.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP679\A0071051.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP681\A0071137.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP683\A0072137.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP684\A0072170.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP686\A0073170.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP686\A0073196.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP687\A0073241.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP690\A0073307.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP691\A0074305.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP693\A0074340.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP695\A0074404.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP696\A0074436.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP704\A0075436.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP706\A0075479.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP709\A0075591.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076730.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076733.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076734.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076735.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076737.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076739.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076741.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076743.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076745.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076748.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076750.EXE Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076752.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076755.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076757.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076759.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076762.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076764.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076766.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076768.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP714\A0076770.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP718\A0077936.dll Infected: not-a-virus:AdWare.Win32.RXBar.f skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP719\A0077964.exe Infected: not-a-virus:AdWare.Win32.RXBar.f skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP719\A0077965.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP720\A0077983.dll Infected: not-a-virus:AdWare.Win32.Altnet.d skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078616.dll Infected: not-a-virus:AdWare.Win32.RXBar.f skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078617.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078619.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078620.exe Infected: not-a-virus:AdWare.Win32.Bestofer.b skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078670.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078671.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078672.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078673.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078674.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078675.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078676.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078677.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078678.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078679.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078680.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078681.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078682.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078683.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078684.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078685.EXE Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078686.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP728\A0078687.exe Infected: Trojan.Win32.Agent.bxj skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP729\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{F0B6EDA0-D2C3-4F24-A5E5-AEDC251737D6}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\I386\APPS\APP28543\src\HPSummer2005.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
D:\I386\APPS\APP28543\src\HPSummer2005.exe WiseSFX: infected - 1 skipped
D:\I386\APPS\APP28543\src\HPSummer2005.exe WiseSFX Dropper: infected - 1 skipped

Scan process completed.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:03:20 AM, on 10/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\PROGRA~1\Rhapsody\rhaphlpr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dslstart.verizon.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...rm1=seconduser
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [_SetRes] c:\hp\bin\cloaker c:\hp\bin\res.bat
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [FilmLoop] "C:\Program Files\FilmLoop Player\FilmLoop.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe"
O4 - HKLM\..\Run: [SansaDispatch] C:\Documents and Settings\Compaq_Owner\Desktop\SansaDispatch.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OurPictures] "C:\Program Files\RitzPix E-Z Print & Share\OurPictures.exe" /AutoStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02...s/MSNPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - LxrSII1s.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 10104 bytes

ComboFix 07-10-14.1 - Compaq_Owner 2007-10-15 11:07:24.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.140 [GMT -4:00]
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-09-15 to 2007-10-15 )))))))))))))))))))))))))))))))
.

2007-10-15 07:56 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-15 07:56 <DIR> d-------- C:\WINDOWS\LastGood
2007-10-15 07:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-14 00:02 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-12 12:44 <DIR> d-------- C:\Deckard
2007-10-12 12:33 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-10-12 11:05 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-10-01 23:25 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\InstallShield
2007-10-01 22:59 1,118,208 --a------ C:\common.dll
2007-10-01 22:59 26,624 --a------ C:\english.dll
2007-10-01 22:59 21,504 --a------ C:\spanish.dll
2007-10-01 22:59 21,504 --a------ C:\italian.dll
2007-10-01 22:59 21,504 --a------ C:\german.dll
2007-10-01 22:59 20,992 --a------ C:\french.dll
2007-10-01 22:59 16,384 --a------ C:\japanese.dll
2007-10-01 22:55 68,229 --------- C:\WINDOWS\system32\drivers\StMp3Rec.sys
2007-10-01 22:23 <DIR> d-------- C:\Program Files\SanDisk
2007-09-29 00:11 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2007-09-29 00:11 <DIR> d-------- C:\Program Files\AGEIA Technologies
2007-09-17 21:53 <DIR> d-------- C:\Program Files\HP Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-14 22:50 --------- d-----w C:\Program Files\RitzPix E-Z Print & Share
2007-10-14 22:50 --------- d-----w C:\Program Files\REGSHAVE
2007-10-14 22:50 --------- d-----w C:\Program Files\QuickTime
2007-10-14 22:50 --------- d-----w C:\Program Files\iTunes
2007-10-14 22:50 --------- d-----w C:\Program Files\FilmLoop Player
2007-10-14 03:53 --------- d-----w C:\Program Files\Java
2007-10-12 15:59 --------- d-----w C:\Program Files\Symantec
2007-10-12 15:42 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-10-12 15:21 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Symantec
2007-10-12 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-12 14:56 --------- d-----w C:\Program Files\Viewpoint
2007-10-12 14:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-10-12 14:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-12 14:54 --------- d-----w C:\Program Files\Kazaa
2007-10-12 14:52 --------- d-----w C:\Program Files\PC-Doctor 5 for Windows
2007-10-12 13:25 --------- d-----w C:\Program Files\Google
2007-10-05 21:14 --------- d-----w C:\Program Files\Norton Internet Security
2007-10-02 02:29 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-09-28 13:09 --------- d-----w C:\Program Files\EvidenceEraser
2007-09-18 02:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\WildTangent
2007-09-13 01:38 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
2007-09-13 01:33 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Printer Info Cache
2007-09-13 01:31 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\HP
2007-09-13 01:15 --------- d-----w C:\Program Files\HP
2007-09-13 01:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2007-09-13 01:14 --------- d-----w C:\Program Files\Common Files\HP
2007-09-13 01:13 --------- d-----w C:\Program Files\Hewlett-Packard
2007-09-13 01:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
2007-09-13 01:11 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2007-09-13 01:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2007-09-12 23:17 --------- d-----w C:\Program Files\LexmarkX83
2007-09-11 19:36 --------- d-----w C:\Program Files\Yahoo! Games
2007-09-07 20:09 --------- d-----w C:\Program Files\WildTangent
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 10:04 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 10:04 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 10:04 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 10:04 6,058,496 ----a-w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 10:04 52,224 ----a-w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 10:04 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 10:04 459,264 ----a-w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 10:04 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 10:04 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 10:04 383,488 ----a-w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 10:04 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 10:04 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 10:04 267,776 ----a-w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 10:04 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 10:04 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 10:04 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 10:04 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 10:04 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 10:04 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 10:04 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 10:04 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-08-20 10:04 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 10:04 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-17 10:21 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-08-17 10:20 63,488 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-08-17 10:20 13,824 ----a-w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-08-17 07:34 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-07-30 23:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 23:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 23:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 23:19 549,720 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 23:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 23:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 23:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 23:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 23:19 325,976 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 23:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 23:19 203,096 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 23:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 23:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 23:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-30 23:18 33,624 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2006-12-31 00:28 7,914,224 ----a-w C:\Program Files\yahoo_polarbowler_tm1-1.exe
2006-09-05 17:58 636 ----a-w C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
2001-06-20 20:19 40,960 ----a-w C:\Program Files\ACMonitor_X83.exe
2006-02-26 22:31:01 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((( snapshot@2007-10-14_ 0.16.53.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-05-24 16:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 19:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 19:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" []
"_SetRes"="c:\hp\bin\cloaker c:\hp\bin\res.bat" []
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" []
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" []
"Motive SmartBridge"="C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 23:19]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" []
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" []
"SemanticInsight"="C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe" []
"FilmLoop"="C:\Program Files\FilmLoop Player\FilmLoop.exe" []
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" []
"MimBoot"="C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe" []
"ISUSScheduler"="c:\program files\common files\installshield\updateservice\issch.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
"PrinTray"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe" []
"Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe" []
"SansaDispatch"="C:\Documents and Settings\Compaq_Owner\Desktop\SansaDispatch.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:00]
"OurPictures"="C:\Program Files\RitzPix E-Z Print & Share\OurPictures.exe" []
"Aim6"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" []
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2005-08-10 20:21:50]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 21:40:10]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 16:05:56]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2006-12-26 11:17:39]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-08-28 13:09:10]

S2 BulkUsb;Genesys Logic USB Scanner Controller NT 5.0;C:\WINDOWS\system32\Drivers\usbscan.sys
S2 LxrSII1d;Secure II Driver;\??\C:\WINDOWS\system32\Drivers\LxrSII1d.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28e26798-02ad-11da-8aef-806d6172696f}]
AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-10-13 04:27:25 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Compaq_Owner.job"
"2007-10-15 07:21:01 C:\WINDOWS\Tasks\SDMsgUpdate (SmartDrawTrial).job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-15 11:10:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-10-15 11:12:14
C:\ComboFix2.txt ... 2007-10-14 00:23
.
--- E O F ---
WJW is offline