Thread: Corrupt Norton, almost all webpages are redirected to microsoft.com
View Single Post
Old 10-10-2006, 05:34 PM   #42 (permalink)
randomrandom
Registered User
 
Join Date: Sep 2006
Posts: 31
OS: XP home edition


Hey,
here are the logs! Oh and i thought it best to leave the quarantined files alone....best not to mess up my comp NOW :-)
************************************************
Kaspersky Log
************************************************
KASPERSKY ONLINE SCANNER REPORT
October 09, 2006 10:00:33 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 10/10/2006
Kaspersky Anti-Virus database records: 230213
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 117497
Number of viruses found 19
Number of infected objects 97 / 0
Number of suspicious objects 0
Duration of the scan process 01:42:29

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-10-09_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A3733B2.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0AE51EAB.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\171F3CE8.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19BC7014.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1AEC5B93.exe Infected: Backdoor.Win32.Delf.ats skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\24BE363C.EXE Infected: Trojan-Downloader.Win32.Agent.aox skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F287D39.exe/data0002 Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F287D39.exe NSIS: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F287D39.exe CryptFF: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32814309.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38A350BF.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38A77ABB.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38AA24B8.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3C1F16EA.sys Infected: Backdoor.Win32.Haxdoor.ii skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43366AE9.exe Infected: Trojan-Proxy.Win32.Small.bo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43E4785D.DLL Infected: Backdoor.Win32.Haxdoor.lc skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4D725F5B.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\50790760.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51575EE8.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51DA1BF7.exe/stream/data0001 Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51DA1BF7.exe/stream Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51DA1BF7.exe NSIS: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51DA1BF7.exe CryptFF: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\56893EC8.dll Infected: Trojan-PSW.Win32.Sinowal.k skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\56933CBD.exe Infected: Trojan-Proxy.Win32.Small.bo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\569666B9.dll Infected: Trojan-PSW.Win32.Sinowal.ay skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\569666B9.htm Infected: Trojan-Proxy.Win32.Small.bo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\569A10B6.exe Infected: Trojan-Proxy.Win32.Wopla.ac skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\569D3AB2.exe Infected: Backdoor.Win32.Delf.ats skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57601A44.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57C95168.tmp/stream/data0003 Infected: not-a-virus:AdWare.Win32.Agent.y skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57C95168.tmp/stream/data0005 Infected: not-a-virus:AdWare.Win32.Softomate.q skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57C95168.tmp/stream Infected: not-a-virus:AdWare.Win32.Softomate.q skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57C95168.tmp NSIS: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57C95168.tmp CryptFF: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5A3B5810.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5B0F3D25.sys Infected: Backdoor.Win32.Haxdoor.ii skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C0544BF.dll Infected: not-virus:Hoax.Win32.Renos.ds skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C5F608C.tmp/stream/data0001 Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C5F608C.tmp/stream Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C5F608C.tmp NSIS: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C5F608C.tmp CryptFF: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61A61EDE.tmp/stream/data0001 Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61A61EDE.tmp/stream Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61A61EDE.tmp NSIS: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61A61EDE.tmp CryptFF: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6632260B.exe/data0002 Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6632260B.exe NSIS: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6632260B.exe CryptFF: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\690D62E6.tmp/data0002 Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\690D62E6.tmp NSIS: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\690D62E6.tmp CryptFF: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A87143C.exe Infected: Trojan-Proxy.Win32.Small.bo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7062684D.tmp/data0002 Infected: Trojan.Win32.VB.ami skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7062684D.tmp NSIS: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7062684D.tmp CryptFF: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\72A14C3C.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dt skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7EBC2A1A.exe Infected: Trojan.Win32.Opnis.l skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\User1\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\User1\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\User1\Desktop\Projects\crack.rar/Free Popup Blocker.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Documents and Settings\User1\Desktop\Projects\crack.rar/Free Popup Blocker.exe/stream Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Documents and Settings\User1\Desktop\Projects\crack.rar/Free Popup Blocker.exe Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Documents and Settings\User1\Desktop\Projects\crack.rar RAR: infected - 3 skipped
C:\Documents and Settings\User1\Desktop\Projects\ImTOO.DVD.to.PSP.Converter.v4.0.52.0630.Incl.Keygen-Lz0\installer.exe/stream/data0001 Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\ImTOO.DVD.to.PSP.Converter.v4.0.52.0630.Incl.Keygen-Lz0\installer.exe/stream Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\ImTOO.DVD.to.PSP.Converter.v4.0.52.0630.Incl.Keygen-Lz0\installer.exe NSIS: infected - 2 skipped
C:\Documents and Settings\User1\Desktop\Projects\ImTOO.DVD.to.PSP.Converter.v4.0.52.0630.Incl.Keygen-Lz0.rar/installer.exe/stream/data0001 Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\ImTOO.DVD.to.PSP.Converter.v4.0.52.0630.Incl.Keygen-Lz0.rar/installer.exe/stream Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\ImTOO.DVD.to.PSP.Converter.v4.0.52.0630.Incl.Keygen-Lz0.rar/installer.exe Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\ImTOO.DVD.to.PSP.Converter.v4.0.52.0630.Incl.Keygen-Lz0.rar RAR: infected - 3 skipped
C:\Documents and Settings\User1\Desktop\Projects\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip.rar/Free Popup Blocker.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Documents and Settings\User1\Desktop\Projects\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip.rar/Free Popup Blocker.exe/stream Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Documents and Settings\User1\Desktop\Projects\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip.rar/Free Popup Blocker.exe Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Documents and Settings\User1\Desktop\Projects\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip.rar/installer.exe/data0002 Infected: Trojan-Clicker.MSIL.Xone.a skipped
C:\Documents and Settings\User1\Desktop\Projects\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip.rar/installer.exe Infected: Trojan-Clicker.MSIL.Xone.a skipped
C:\Documents and Settings\User1\Desktop\Projects\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip.rar ZIP: infected - 5 skipped
C:\Documents and Settings\User1\Desktop\Projects\Sony.ACID.Pro.v6.0a.Incl.Keygen-SSG.rar/installer.exe/stream/data0001 Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\Sony.ACID.Pro.v6.0a.Incl.Keygen-SSG.rar/installer.exe/stream Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\Sony.ACID.Pro.v6.0a.Incl.Keygen-SSG.rar/installer.exe Infected: Trojan-Clicker.Win32.VB.fh skipped
C:\Documents and Settings\User1\Desktop\Projects\Sony.ACID.Pro.v6.0a.Incl.Keygen-SSG.rar RAR: infected - 3 skipped
C:\Documents and Settings\User1\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\User1\Desktop\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\User1\Desktop\SmitfraudFix.zip ZIP: infected - 1 skipped
C:\Documents and Settings\User1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\User1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\User1\Local Settings\Application Data\Mozilla\Firefox\Profiles\b8ou4xz7.default\Cache\D9E7D4FDd01 Infected: Trojan.Win32.Agent.vg skipped
C:\Documents and Settings\User1\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\User1\Local Settings\History\History.IE5\MSHist012006100920061010\index.dat Object is locked skipped
C:\Documents and Settings\User1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\User1\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\User1\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\User1\UserData\index.dat Object is locked skipped
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2006-10-09.07-11-52.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0460NAV~.TMP Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0507NAV~.TMP Object is locked skipped
C:\Program Files\OceanDive\crack\Free Popup Blocker.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Program Files\OceanDive\crack\Free Popup Blocker.exe/stream Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Program Files\OceanDive\crack\Free Popup Blocker.exe NSIS: infected - 2 skipped
C:\Program Files\Save Flash\installer.exe/data0002 Infected: Trojan-Clicker.MSIL.Xone.a skipped
C:\Program Files\Save Flash\installer.exe NSIS: infected - 1 skipped
C:\Program Files\Save Flash\patch_.exe/data0002 Infected: Trojan-Clicker.MSIL.Xone.a skipped
C:\Program Files\Save Flash\patch_.exe NSIS: infected - 1 skipped
C:\Program Files\Save Flash\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip\Free Popup Blocker.exe/stream/data0003 Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Program Files\Save Flash\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip\Free Popup Blocker.exe/stream Infected: not-a-virus:AdWare.Win32.MegaKiss.b skipped
C:\Program Files\Save Flash\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip\Free Popup Blocker.exe NSIS: infected - 2 skipped
C:\Program Files\Save Flash\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip\installer.exe/data0002 Infected: Trojan-Clicker.MSIL.Xone.a skipped
C:\Program Files\Save Flash\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip\installer.exe NSIS: infected - 1 skipped
C:\Program Files\Save Flash\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip\patch_.exe/data0002 Infected: Trojan-Clicker.MSIL.Xone.a skipped
C:\Program Files\Save Flash\Save[1].Flash.v3.0.0067.WinALL.Cracked.ViRiLiTY.zip\patch_.exe NSIS: infected - 1 skipped
C:\Program Files\Trillian\users\default\logs\AIM\Query\NeEdToRuN723.log Object is locked skipped
C:\Program Files\Trillian\users\default\logs\AIM\Query\tridentcadet023.log Object is locked skipped
C:\Program Files\Trillian\users\default\logs\AIM\Query\txesnumerouno.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{40933F81-2282-414E-AFF1-432B1564D997}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\{00000000-00000000-0000000C-00001102-00000004-20021102}.CDF Object is locked skipped
Scan process completed.

******************************************************
HJT Log
******************************************************

Logfile of HijackThis v1.99.1
Scan saved at 5:02:30 PM, on 10/9/06
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\U.S. Robotics 802.11g WLAN\USRWLANG.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Blazing Angels Squadrons of WWII Demo\RegistrationReminder.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: U.S. Robotics 802.11g Wireless Network Utility.lnk = ?
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...l/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/tech...rl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...rl/tgctlsr.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1159425430187
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc1.webresponse.one.microso.../TLIEFlash.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
randomrandom is offline