Thread: adware and spyware found by pandasoftware
View Single Post
Old 06-02-2005, 06:12 AM   #5 (permalink)
floridagator
Registered User
 
Join Date: Jan 2005
Posts: 14
OS: xp


Ok here is the MWAV virus log information :
File C:\Documents and Settings\Kelli Taylor\Desktop\New Folder\stuff\backups\backup-20050125-133208-830.dll tagged as not-a-virus:Downloader.Win32.PopCap.a. No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\popcaploader.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\System32\iuctl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\DIMM.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\iuctl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\popcaploader.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\QDow.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\Default.rul". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}" refers to invalid object "C:\PROGRA~1\AWS\WEATHE~1\MINIBU~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9EFBF860-5685-11D3-AA3D-00C04F4C5275}" refers to invalid object "cdooff.dll". Action Taken: No Action Taken.
Entry "HKCR\AOLFlash.AOLFlash" refers to invalid object "{C1145550-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlash.AOLFlash.1" refers to invalid object "{C1145550-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlash.AOLFlash.3" refers to invalid object "{C1145550-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlash.AOLFlash.4" refers to invalid object "{C1145550-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlash.AOLFlash.5" refers to invalid object "{C1145550-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlash.AOLFlash.6" refers to invalid object "{C1145550-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlashFactory.AOLFlashFactory" refers to invalid object "{C1145551-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlashFactory.AOLFlashFactory.1" refers to invalid object "{C1145551-A454-11D4-9020-00D0B7239081}". Action Taken: No Action Taken.
Entry "HKCR\AOLFlashProp.AOLFlashProp.1" refers to invalid object "{75D44B92-DCAF-43f3-A7D1-91041F34E719}". Action Taken: No Action Taken.
Entry "HKCR\AxTrack.CoAxTrack" refers to invalid object "{B9F3009B-976B-41C4-A992-229DCCF3367C}". Action Taken: No Action Taken.
Entry "HKCR\AxTrack.CoAxTrack.1" refers to invalid object "{B9F3009B-976B-41C4-A992-229DCCF3367C}". Action Taken: No Action Taken.
Entry "HKCR\CDDBControlRoxio.CddbFullName.1" refers to invalid object "{1c6e0e46-4e5f-492d-b946-44291b931361}". Action Taken: No Action Taken.
Entry "HKCR\CDDBControlRoxio.FullName" refers to invalid object "{1c6e0e46-4e5f-492d-b946-44291b931361}". Action Taken: No Action Taken.
Entry "HKCR\DSP.DSP" refers to invalid object "{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}". Action Taken: No Action Taken.
Entry "HKCR\DSP.DSPDMOProp_Chorus.1" refers to invalid object "{6F63B172-5543-4593-91CE-EDBA65B9FACDB}". Action Taken: No Action Taken.
Entry "HKCR\NCTWMVFile.NCTProfileManager" refers to invalid object "{E27FC1E5-B5CB-4C3E-8AA6-81C2A4BAC8AF}". Action Taken: No Action Taken.
Entry "HKCR\NCTWMVFile.NCTProfileManager.1" refers to invalid object "{E27FC1E5-B5CB-4C3E-8AA6-81C2A4BAC8AF}". Action Taken: No Action Taken.
Entry "HKCR\NCTWMVFile.WMVFile" refers to invalid object "{D2AE39EF-965C-4058-A21B-AC0E0673F72D}". Action Taken: No Action Taken.
Entry "HKCR\NCTWMVFile.WMVFile.1" refers to invalid object "{D2AE39EF-965C-4058-A21B-AC0E0673F72D}". Action Taken: No Action Taken.
Entry "HKCR\RealDownloadExpress.InfoWindow" refers to invalid object "{56336BCA-3D8A-11d6-A00B-0050DA18DE71}". Action Taken: No Action Taken.
Entry "HKCR\RealDownloadExpress.InfoWindow.1" refers to invalid object "{56336BCA-3D8A-11d6-A00B-0050DA18DE71}". Action Taken: No Action Taken.
Entry "HKCR\RTCIMSP.RTCIMService" refers to invalid object "{83D4679F-B6D7-11D2-BF36-00C04FB90A03}". Action Taken: No Action Taken.
Entry "HKCR\RTCIMSP.RTCIMService.1" refers to invalid object "{83D4679F-B6D7-11D2-BF36-00C04FB90A03}". Action Taken: No Action Taken.
Entry "HKCR\SAS.Workspace" refers to invalid object "{440196D4-90F0-11D0-9F41-00A024BB830C}". Action Taken: No Action Taken.
Entry "HKCR\SAS.Workspace.1" refers to invalid object "{440196D4-90F0-11D0-9F41-00A024BB830C}". Action Taken: No Action Taken.
Entry "HKCR\SASGMS.GMSAppl" refers to invalid object "{9C186A64-83E4-11D2-B956-00C04F81993C}". Action Taken: No Action Taken.
Entry "HKCR\SASGMS.GMSAppl.1" refers to invalid object "{9C186A64-83E4-11D2-B956-00C04F81993C}". Action Taken: No Action Taken.
Entry "HKCR\SASMQX.MQXAppl" refers to invalid object "{8D9EF489-8D1E-11D2-B94F-00C04F8198C0}". Action Taken: No Action Taken.
Entry "HKCR\SASMQX.MQXAppl.1" refers to invalid object "{8D9EF489-8D1E-11D2-B94F-00C04F8198C0}". Action Taken: No Action Taken.
Entry "HKCR\SASOLAP.OLAP" refers to invalid object "{0ADE178A-6A1D-11D4-8349-00B0D0292DCA}". Action Taken: No Action Taken.
Entry "HKCR\SASOLAP.OLAP.1" refers to invalid object "{0ADE178A-6A1D-11D4-8349-00B0D0292DCA}". Action Taken: No Action Taken.
Entry "HKCR\SASOMI.OMI" refers to invalid object "{2887E7D7-4780-11D4-879F-00C04F38F0DB}". Action Taken: No Action Taken.
Entry "HKCR\SASOMI.OMI.1" refers to invalid object "{2887E7D7-4780-11D4-879F-00C04F38F0DB}". Action Taken: No Action Taken.
File C:\Documents and Settings\Kelli Taylor\Desktop\New Folder\stuff\backups\backup-20050125-133208-830.dll tagged as not-a-virus:Downloader.Win32.PopCap.a. No Action Taken.
File C:\Program Files\ScrabbleRackAttack_Setup-dm.exe tagged as "not-a-virus:AdWare.Trymedia.b". Action Taken: No Action Taken.
File C:\Program Files\Scrabble_Setup-dm.exe tagged as "not-a-virus:AdWare.Trymedia.b". Action Taken: No Action Taken.
File C:\Program Files\TestGen\stub.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP114\A0009437.EXE infected by "Trojan-Downloader.Win32.Small.wk" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009951.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009952.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009953.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009954.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009955.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009956.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009957.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009958.exe infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009959.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009960.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009961.scr infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009962.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009963.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009964.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009965.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009966.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009967.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009968.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009969.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009970.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009971.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009972.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009973.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009974.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009975.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009976.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009977.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009978.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009979.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009980.scr infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009981.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009982.scr infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009983.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009984.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009985.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009986.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009987.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009988.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009989.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009990.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009991.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009992.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009993.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009994.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009995.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009996.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009997.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009998.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0009999.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010000.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010001.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010002.scr infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010003.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010004.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010005.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010006.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010007.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010008.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010009.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010010.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010011.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010012.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010013.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010014.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010015.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010016.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010017.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010018.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010019.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010020.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010021.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010022.scr infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010023.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010024.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010025.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010026.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010027.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010028.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010029.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010030.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010031.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010032.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010033.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010034.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010035.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010036.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010037.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010038.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP116\A0010039.exe infected by "Email-Worm.Win32.Bagle.k" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP85\A0007652.EXE tagged as not-a-virus:Downloader.Win32.DigStream. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\popcaploader.dll tagged as not-a-virus:Downloader.Win32.PopCap.b. No Action Taken.


Here is the new HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 8:00:41 AM, on 6/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/...2/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1141bb59...p/RdxIE601.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://fastconnectkitsetup.cox.net/...lowActiveX.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...15/mcgdmgr.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/def...utLauncher.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/bingame/hsol/def...ebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

Thanks
floridagator is offline