Thread: My HJT logfile Any problems?
View Single Post
Old 02-25-2006, 04:50 PM   #5 (permalink)
xiktpqx
Registered User
 
Join Date: Feb 2006
Posts: 6
OS: Win Xp


In the creative bind settings folder there is a system file called FACE JUMP PHONE and the one settings tray folder contains nothing.
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\All Users\Application Data

03/12/2005 11:39 AM <DIR> Adobe
03/12/2005 11:42 AM <DIR> Adobe Systems
16/01/2006 01:38 AM <DIR> AOL Downloads
28/07/2005 07:18 PM <DIR> BigPond
19/11/2005 05:56 PM <DIR> BVRP Software
07/10/2005 03:31 PM <DIR> creative bind settings 4
21/12/2005 02:21 AM 10 DragToDiscUserNameE.txt
26/11/2005 12:20 PM <DIR> Kodak
22/12/2004 08:30 AM <DIR> MSN6
22/11/2005 06:17 PM <DIR> nView_Profiles
11/12/2004 09:57 PM <DIR> pixelStorm
20/10/2004 04:24 PM <DIR> QuickTime
16/10/2005 12:01 AM <DIR> Spybot - Search & Destroy
18/07/2005 12:02 PM <DIR> Symantec
09/10/2005 04:55 PM <DIR> Windows Genuine Advantage
19/12/2005 02:08 AM <DIR> Yahoo! Companion
1 File(s) 10 bytes
15 Dir(s) 5,797,732,352 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\Chris Robb\Application Data

19/02/2006 12:50 PM <DIR> Adobe
28/08/2005 12:52 PM <DIR> Apple Computer
25/02/2006 11:20 AM <DIR> Azureus
28/07/2005 07:18 PM <DIR> BigPond
11/08/2004 03:48 PM <DIR> Help
30/07/2005 03:19 PM <DIR> Identities
10/09/2001 03:27 PM <DIR> InterTrust
09/10/2005 05:06 PM <DIR> Lavasoft
07/02/2005 09:37 PM <DIR> Macromedia
24/02/2006 06:54 PM <DIR> Media Player Classic
24/10/2004 11:04 PM <DIR> Mozilla
12/04/2005 01:50 PM <DIR> MSN6
07/10/2005 01:53 PM <DIR> one settings tray
03/12/2005 01:13 PM <DIR> Opera
28/07/2005 11:38 PM <DIR> Real
27/12/2005 12:17 AM <DIR> Roxio
11/06/2005 04:33 PM <DIR> Sun
19/07/2004 05:10 PM <DIR> Symantec
24/10/2004 11:04 PM <DIR> Talkback
11/08/2004 06:02 PM <DIR> Template
25/02/2006 10:21 PM <DIR> uTorrent
22/11/2005 10:03 PM <DIR> Xfire
0 File(s) 0 bytes
22 Dir(s) 5,797,732,352 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\Owner\Application Data

10/09/2001 03:27 PM <DIR> Adobe
10/09/2001 03:00 PM <DIR> Identities
10/09/2001 03:27 PM <DIR> InterTrust
0 File(s) 0 bytes
3 Dir(s) 5,797,732,352 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\Default User\Application Data

10/09/2001 03:27 PM <DIR> .
10/09/2001 03:27 PM <DIR> ..
12/11/2005 06:31 PM 62 desktop.ini
1 File(s) 62 bytes
2 Dir(s) 5,797,732,352 bytes free
Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\LocalService\Application Data

Volume in drive C has no label.
Volume Serial Number is E4B9-42B6

Directory of C:\Documents and Settings\NetworkService\Application Data

[TRACE] Enumerating jobs and queues





-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, February 26, 2006 10:46:07 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 25/02/2006
Kaspersky Anti-Virus database records: 178650
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 94866
Number of viruses found: 10
Number of infected objects: 162
Number of suspicious objects: 0
Duration of the scan process: 01:21:47

Infected Object Name / Virus Name / Last Action
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051162.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051163.exe Infected: Trojan-Downloader.Win32.Swizzor.de skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051164.exe Infected: Trojan-Downloader.Win32.Swizzor.de skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051165.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051166.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051167.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051168.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051169.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051170.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051171.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051172.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051173.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051174.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051175.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051176.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051177.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051178.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051179.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051180.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051181.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051182.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051183.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051184.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051185.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051186.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051187.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051188.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051189.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051190.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051191.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051192.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051193.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051194.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051195.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051196.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051197.exe Infected: Trojan-Downloader.Win32.Swizzor.de skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051198.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051199.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051200.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051201.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051202.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051203.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051204.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051205.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051206.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051207.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051208.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051209.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051210.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051211.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051212.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051213.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051214.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051215.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051216.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051217.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051218.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051219.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051220.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051221.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051222.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051223.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051224.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051225.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051226.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051227.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051228.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051229.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051230.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051231.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051232.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051233.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051234.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051235.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051236.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051237.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051536.exe Infected: Trojan-Downloader.Win32.Swizzor.dv skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051537.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051538.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051539.exe Infected: Trojan-Downloader.Win32.Swizzor.cb skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051540.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051541.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051542.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051543.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051544.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051545.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051546.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051547.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051548.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051549.exe Infected: Trojan-Downloader.Win32.Swizzor.ca skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051550.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051551.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051552.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051553.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051554.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051555.exe Infected: Trojan-Downloader.Win32.Swizzor.de skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051556.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051557.exe Infected: Trojan-Downloader.Win32.Swizzor.de skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051558.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051559.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051560.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051561.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051562.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051563.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051564.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051565.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051566.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051567.exe Infected: Trojan-Downloader.Win32.Swizzor.de skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051568.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051569.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051570.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051571.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051572.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051573.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051574.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051575.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051576.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051577.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051578.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051579.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051580.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051581.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051582.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051583.exe Infected: Trojan-Downloader.Win32.Swizzor.ca skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051584.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051585.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051586.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051587.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051588.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051589.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051590.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051591.exe Infected: not-a-virus:AdWare.Win32.Lop.z skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051592.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051593.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051594.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051595.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051596.exe Infected: Trojan-Downloader.Win32.Swizzor.dh skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051597.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051598.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051599.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051600.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051601.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051602.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051603.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051604.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051605.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051606.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051607.exe Infected: Trojan-Downloader.Win32.Swizzor.ca skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051608.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051609.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051610.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051611.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051612.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051613.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051614.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051615.exe Infected: not-a-virus:AdWare.Win32.Lop.ab skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051616.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\System Volume Information\_restore{9AF386A9-4901-4D13-BB61-E930791F3942}\RP104\A0051617.exe Infected: not-a-virus:AdWare.Win32.Lop.ad skipped
C:\WINDOWS\system32\o Infected: Trojan-Downloader.BAT.Ftp.ay skipped
F:\RECYCLER\S-1-5-21-1975344075-1274885478-237469328-500\Dc4\InstFile\WinVNC\othread2.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
F:\RECYCLER\S-1-5-21-1975344075-1274885478-237469328-500\Dc4\InstFile\WinVNC\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
F:\RECYCLER\S-1-5-21-1975344075-1274885478-237469328-500\Dc4\InstFile\WinVNC\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped

Scan process completed.






Logfile of HijackThis v1.99.1
Scan saved at 10:47:13 AM, on 26/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\Compaq\eakdrv\STARTDRV.exe
C:\Compaq\eakdrv\EAKDRV.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Compaq\eakdrv\EAUSBKBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\CHRISR~1\LOCALS~1\Temp\Rar$EX00.859\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BigPond Dial-Up Residential Internet Explorer
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - F:\My Documents\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\My Documents\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-au\msntb.dll (file missing)
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [CPQEASYACC] C:\Compaq\eakdrv\STARTDRV.exe
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\MYDOCU~1\MESSEN~1\YAHOOM~1.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\MYDOCU~1\MESSEN~1\YAHOOM~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1132832078890
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1132832059296
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{92DFCFAD-8CA7-46DD-A586-4E115138D625}: Domain = nsw.bigpond.net.au
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
xiktpqx is offline