|
| ||
| Hey crunchie, RE: LOP problem hey.. i haven't replied for a while but i was just doing a clean up on the computer and thought i would give you my hijack this report.. if you could just take a look at it and tell me if its ok.. that would be great, thanks alot Logfile of HijackThis v1.99.1 Scan saved at 12:05:47 AM, on 5/28/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5346.0005) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Mik3\Desktop\Desktop stuff\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [PAV.EXE] 16 O4 - HKLM\..\Run: [Zonavirus] 0 O4 - HKLM\..\Run: [BNexe] C:\WINDOWS\Listado.txt.by.Microsoft.com O4 - HKLM\..\Run: [BN] c:\BanderaNegra.vbs O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\regclean.exe" O4 - Startup: csrss.lnk = ? O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Program Files\PokerTimeMPP\MPPoker.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_ad...ridge-c139.cab O16 - DPF: {1671869C-25B3-4C80-9446-8AE6111F8765} (MaxisHotDateTeleX Control) - http://thesims.ea.com/teleport/hotda...tDateTeleX.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2DAE59A1-B355-4653-8D33-33A3A8F8C078} (MaxisVacationTeleX Control) - http://thesims.ea.com/teleport/vacat...ationTeleX.cab O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.jetsetpoker.com/setup.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/...s/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {8629CFEB-C31A-4429-9BB0-8765A8A24FDA} (MaxisUnleashedLotTeleX Control) - http://thesims.ea.com/teleport/unlea...edLotTeleX.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...38/mcfscan.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe |
| ||
| Re: Hey crunchie, RE: LOP problem Can you please do the following. =============== Scan with HiJackThis, then check(tick) the following, if present: O4 - Startup: csrss.lnk = ? O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_ad...ridge-c139.cab Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked". =============== To help protect your system from hostile ActiveX content, or special 'downloadable' files: Download, install and keep updated, SpywareBlaster. If you've installed it for the first time: 1) Check for any available updates; if present, they'll be automatically downloaded and installed. 2) Next, "Enable all protection". 3) Exit the program. - Note: Remember to regularly check for updates. =============== After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now. |
| ||
| Re: Hey crunchie, RE: LOP problem hey crunchie.. after i fixed the problems you gave to me these messages came up: Message 1 Unexpected error occurred! Error #52 (Bad file name or number) in Sub GetLongPath(?.exe). Please send a report to merijn@spywareinfo.com, mentioning what you were doing, and what version of Windows you have. This message has been copied to your clipboard. Message 2 Unable to delete the file: 04 – startup:csrss.lnk = ? Now i don't know if this is important at all but i took a hijack this log file from both accounts on my computer and to me they look different, if you could help me with this it would be awsome Original Computer Account - the one you looked at before: Logfile of HijackThis v1.99.1 Scan saved at 1:05:08 PM, on 5/28/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5346.0005) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\devldr32.exe C:\Documents and Settings\Mik3\Desktop\Desktop stuff\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [PAV.EXE] 16 O4 - HKLM\..\Run: [Zonavirus] 0 O4 - HKLM\..\Run: [BNexe] C:\WINDOWS\Listado.txt.by.Microsoft.com O4 - HKLM\..\Run: [BN] c:\BanderaNegra.vbs O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\regclean.exe" O4 - Startup: csrss.lnk = ? O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Program Files\PokerTimeMPP\MPPoker.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {1671869C-25B3-4C80-9446-8AE6111F8765} (MaxisHotDateTeleX Control) - http://thesims.ea.com/teleport/hotda...tDateTeleX.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2DAE59A1-B355-4653-8D33-33A3A8F8C078} (MaxisVacationTeleX Control) - http://thesims.ea.com/teleport/vacat...ationTeleX.cab O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.jetsetpoker.com/setup.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/...s/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {8629CFEB-C31A-4429-9BB0-8765A8A24FDA} (MaxisUnleashedLotTeleX Control) - http://thesims.ea.com/teleport/unlea...edLotTeleX.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...38/mcfscan.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe Other Account - Different one on computer: Logfile of HijackThis v1.99.1 Scan saved at 1:03:10 PM, on 5/28/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5346.0005) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\devldr32.exe C:\Utopia\Angel\Angel.exe C:\Program Files\MSN Messenger\msnmsgr.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Mik3\Desktop\Desktop stuff\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qqmchuhtnt.biz/glOdhZVSrD...qBlh5/Qiv.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [PAV.EXE] 16 O4 - HKLM\..\Run: [Zonavirus] 0 O4 - HKLM\..\Run: [BNexe] C:\WINDOWS\Listado.txt.by.Microsoft.com O4 - HKLM\..\Run: [BN] c:\BanderaNegra.vbs O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [WormsArmageddon.exe] C:\DOCUME~1\Marvin\Desktop\Worms.exe /r O4 - HKCU\..\Run: [Rulejunk] C:\DOCUME~1\Marvin\APPLIC~1\OKAYBA~1\ListDoes.exe O4 - HKCU\..\Run: [Utopia Angel] "C:\Utopia\Angel\Angel.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: DLHelperEXE.exe O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZBzeb030YYCA O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Program Files\PokerTimeMPP\MPPoker.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {1671869C-25B3-4C80-9446-8AE6111F8765} (MaxisHotDateTeleX Control) - http://thesims.ea.com/teleport/hotda...tDateTeleX.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2DAE59A1-B355-4653-8D33-33A3A8F8C078} (MaxisVacationTeleX Control) - http://thesims.ea.com/teleport/vacat...ationTeleX.cab O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.jetsetpoker.com/setup.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/...s/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {8629CFEB-C31A-4429-9BB0-8765A8A24FDA} (MaxisUnleashedLotTeleX Control) - http://thesims.ea.com/teleport/unlea...edLotTeleX.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...38/mcfscan.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe |
| ||
| Re: Hey crunchie, RE: LOP problem Let's get log one out of the way first, then we can check the other account :). == Can you please do the following. =============== Please visit at least two of the following sites for an online virus scan: BitDefender Free Online Virus Scan http://www.bitdefender.com/scan/licence.php Make sure you tick AutoClean under Scan Options. Panda ActiveScan http://www.pandasoftware.com/actives..._principal.htm Make sure you tick Disinfect automatically under Scan Options. Housecall at TrendMicro http://housecall.trendmicro.com/hous...start_corp.asp Make sure you tick Auto Clean. When it completes, post back the full filename of any files that cannot be cleaned or deleted. eTrust Antivirus Web Scanner http://www3.ca.com/securityadvisor/virusinfo/scan.aspx =============== Scan with HiJackThis, then check(tick) the following, if present: O4 - HKLM\..\Run: [PAV.EXE] 16 O4 - HKLM\..\Run: [Zonavirus] 0 O4 - HKLM\..\Run: [BNexe] C:\WINDOWS\Listado.txt.by.Microsoft.com O4 - HKLM\..\Run: [BN] c:\BanderaNegra.vbs O4 - Startup: csrss.lnk = ? Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked". =============== Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/ folders: Search for... [PAV.EXE ...using "Start | Search...". - Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in "Safe Mode". - Reboot. =============== After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now. |
| ||
| Re: Hey crunchie, RE: LOP problem Ok.. so I had a couple problems that occured, First.. It wouldn't let me fix the O4 - Startup: csrss.lnk = ? in the hijack this scan Second... I couldn't find [PAV.EXE even after I checked off show hidden files and folders and hide protected operating systems in the Folder Options and went into safe mode Third.... I didn't see the autoclean option at http://www.bitdefender.com/scan/licence.php so i just did the scan which came up with the results: (they're pretty long.. sorry) C:\Documents and Settings\Marvin\Application Data\Okay Bait Face\bind dent extra.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Application Data\Okay Bait Face\bind dent extra.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Okay Bait Face\bind dent extra.exe Deleted C:\Documents and Settings\Marvin\Application Data\Okay Bait Face\slowcurbacidstyle.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Application Data\Okay Bait Face\slowcurbacidstyle.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Okay Bait Face\slowcurbacidstyle.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>BlackBox.class Infected with: Java.Trojan.ClassLoader.GH C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>BlackBox.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>BlackBox.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>VB.class Infected with: Java.Trojan.Exploit.Bytverify.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>VB.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>VB.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>Dummy.class Infected with: Trojan.Java.Byteverify.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>Dummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>Dummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>Beyond.class Infected with: Java.Trojan.Exploit.Bytverify.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>Beyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip=>Beyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-1a0c24f4-5206c2f4.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Counter.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Counter.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Gummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Gummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Gummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>VerifierBug.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>VerifierBug.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>VerifierBug.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>web.exe Infected with: Trojan.LowZones.CG C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>web.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>web.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Worker.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Worker.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Worker.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Xeyond.class Infected with: Java.Trojan.Femad.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Xeyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip=>Xeyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1a980a85-3b06aa5c.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Counter.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Counter.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Gummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Gummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Gummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>VerifierBug.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>VerifierBug.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>VerifierBug.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>web.exe Infected with: Trojan.Fakealert.AW C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>web.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>web.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Worker.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Worker.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Worker.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Xeyond.class Infected with: Java.Trojan.Femad.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Xeyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip=>Xeyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1ba13978-2c4b79f7.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Counter.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Counter.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Gummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Gummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Gummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>VerifierBug.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>VerifierBug.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>VerifierBug.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>web.exe Infected with: Trojan.LowZones.CX C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>web.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>web.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Worker.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Worker.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Worker.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Xeyond.class Infected with: Java.Trojan.Femad.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Xeyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip=>Xeyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2583f9fa-78fe8435.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Counter.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Counter.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Gummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Gummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Gummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>VerifierBug.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>VerifierBug.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>VerifierBug.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>web.exe Infected with: Trojan.LowZones.CX C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>web.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>web.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Worker.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Worker.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Worker.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Xeyond.class Infected with: Java.Trojan.Femad.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Xeyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip=>Xeyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2ad522e1-6b7b1348.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Counter.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Counter.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Gummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Gummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Gummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>VerifierBug.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>VerifierBug.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>VerifierBug.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>web.exe Infected with: Trojan.Small.WA C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>web.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>web.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Worker.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Worker.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Worker.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Xeyond.class Infected with: Java.Trojan.Femad.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Xeyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip=>Xeyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5a0ba3cf-7e88da01.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Counter.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Counter.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Gummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Gummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Gummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>VerifierBug.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>VerifierBug.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>VerifierBug.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>web.exe Infected with: MemScan:Trojan.Small.Y C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>web.exe Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>web.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Worker.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Worker.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Worker.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Xeyond.class Infected with: Java.Trojan.Femad.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Xeyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip=>Xeyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-5f5cccb6-197c9eda.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Counter.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Counter.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Counter.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Gummy.class Infected with: Java.Trojan.Exploit.Bytverify C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Gummy.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Gummy.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>VerifierBug.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>VerifierBug.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>VerifierBug.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>web.exe Infected with: Trojan.LowZones.DM C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>web.exe Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Worker.class Infected with: Java.Trojan.Femad.A C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Worker.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Worker.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip Updated C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Xeyond.class Infected with: Java.Trojan.Femad.B C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Xeyond.class Disinfection failed C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip=>Xeyond.class Deleted C:\Documents and Settings\Marvin\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-6539b84-6c9da108.zip Updated C:\Documents and Settings\Marvin\Local Settings\Temp\103cf0a6.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\103cf0a6.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\103cf0a6.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\10524b7b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\10524b7b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\10524b7b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\10ce58e7.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\10ce58e7.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\10ce58e7.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\122dadeb.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\122dadeb.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\122dadeb.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1274ba7b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1274ba7b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1274ba7b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\12d9bd67.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\12d9bd67.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\12d9bd67.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\12e08be7.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\12e08be7.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\12e08be7.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1306cc4.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1306cc4.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1306cc4.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\14603e6b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\14603e6b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\14603e6b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\14f21d78.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\14f21d78.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\14f21d78.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\159ff9f.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\159ff9f.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\159ff9f.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\17a82516.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\17a82516.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\17a82516.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\18bdbeeb.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\18bdbeeb.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\18bdbeeb.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1b42ee29.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1b42ee29.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1b42ee29.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1c996415.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1c996415.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1c996415.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1e21f9eb.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1e21f9eb.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1e21f9eb.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1e68c66b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1e68c66b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1e68c66b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1eb3d4db.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1eb3d4db.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1eb3d4db.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1efaa56b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1efaa56b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1efaa56b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1f0db23a.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1f0db23a.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1f0db23a.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\1f54806b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\1f54806b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\1f54806b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\211f146b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\211f146b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\211f146b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\233047ba.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\233047ba.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\233047ba.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\237b542a.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\237b542a.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\237b542a.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\238222ba.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\238222ba.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\238222ba.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\23d530db.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\23d530db.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\23d530db.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\241c015b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\241c015b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\241c015b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\246efc5b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\246efc5b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\246efc5b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\24c81b7.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\24c81b7.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\24c81b7.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\2631705b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\2631705b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\2631705b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\284ba35b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\284ba35b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\284ba35b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\2892b1db.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\2892b1db.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\2892b1db.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\28a59eba.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\28a59eba.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\28a59eba.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\28ef6ceb.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\28ef6ceb.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\28ef6ceb.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\29367d7b.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\29367d7b.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\29367d7b.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\2966fc4.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\2966fc4.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\2966fc4.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\29794bca.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\29794bca.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\29794bca.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\29cb26eb.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\29cb26eb.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\29cb26eb.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\2ab7e0eb.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\2ab7e0eb.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\2ab7e0eb.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\2d97c44.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\2d97c44.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\2d97c44.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\2e04ac4.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\2e04ac4.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\2e04ac4.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\37229c4.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\37229c4.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\37229c4.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\3cc0727.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\3cc0727.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\3cc0727.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\3ee72e7.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\3ee72e7.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\3ee72e7.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\4171586.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\4171586.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\4171586.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\4d21e04.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\4d21e04.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\4d21e04.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\52e878f.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\52e878f.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\52e878f.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\69a9214.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\69a9214.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\69a9214.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\8fe1889.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\8fe1889.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\8fe1889.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\aa62c86.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\aa62c86.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\aa62c86.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\ae4aa5.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\ae4aa5.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\ae4aa5.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\bb4fcd7.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\bb4fcd7.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\bb4fcd7.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\f0928cd.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\f0928cd.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\f0928cd.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\f91a3d7.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\f91a3d7.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\f91a3d7.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temp\ff5e3e4.exe Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temp\ff5e3e4.exe Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temp\ff5e3e4.exe Deleted C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BDCGEKSR\R1hZcmFVVXl0Sm9BQUdZMHJZZ0FBQUVY[1].wmf Infected with: Exploit.Win32.WMF-PFV C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BDCGEKSR\R1hZcmFVVXl0Sm9BQUdZMHJZZ0FBQUVY[1].wmf Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BDCGEKSR\R1hZcmFVVXl0Sm9BQUdZMHJZZ0FBQUVY[1].wmf Deleted C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BEI8KUR7\hardcore[1].htm=>(JAVASCRIPT 7) Infected with: Trojan.Clicker.Js.Linker.H C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BEI8KUR7\hardcore[1].htm=>(JAVASCRIPT 7) Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BEI8KUR7\hardcore[1].htm=>(JAVASCRIPT 7) Deleted C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BEI8KUR7\hardcore[1].htm Updated C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BEI8KUR7\S01IV1AwVXl0Sm9BQUdTMFFjWUFBQURz[1].wmf Infected with: Exploit.Win32.WMF-PFV C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BEI8KUR7\S01IV1AwVXl0Sm9BQUdTMFFjWUFBQURz[1].wmf Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\BEI8KUR7\S01IV1AwVXl0Sm9BQUdTMFFjWUFBQURz[1].wmf Deleted C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\reality[1].htm=>(JAVASCRIPT 5) Infected with: Trojan.Clicker.Js.Linker.H C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\reality[1].htm=>(JAVASCRIPT 5) Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\reality[1].htm=>(JAVASCRIPT 5) Deleted C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\reality[1].htm Updated C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\video[1].htm=>(JAVASCRIPT 5) Infected with: Trojan.Clicker.Js.Linker.H C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\video[1].htm=>(JAVASCRIPT 5) Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\video[1].htm=>(JAVASCRIPT 5) Deleted C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\FC0VF2KN\video[1].htm Updated C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\MZYRE1EB\upAYB_unk[1].int Infected with: Trojan.Swizzor.DH C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\MZYRE1EB\upAYB_unk[1].int Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\MZYRE1EB\upAYB_unk[1].int Deleted C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\U57CT07Q\aUFpWnBFVXl0Sm9BQUFwWUIxRUFBQUJj[1].wmf Infected with: Exploit.Win32.WMF-PFV C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\U57CT07Q\aUFpWnBFVXl0Sm9BQUFwWUIxRUFBQUJj[1].wmf Disinfection failed C:\Documents and Settings\Marvin\Local Settings\Temporary Internet Files\Content.IE5\U57CT07Q\aUFpWnBFVXl0Sm9BQUFwWUIxRUFBQUJj[1].wmf Deleted C:\Documents and Settings\Marvin\My Documents\Justin\MsgPlus-301.exe Infected with: Trojan.Swizzor.DP C:\Documents and Settings\Marvin\My Documents\Justin\MsgPlus-301.exe Disinfection failed C:\Documents and Settings\Marvin\My Documents\Justin\MsgPlus-301.exe Deleted C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe=>(ZIP Sfx o)=>FREEZE_388.EXE Detected with: Application.Adware.NewDotNet.Dropper C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe=>(ZIP Sfx o)=>FREEZE_388.EXE Deleted C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe=>(ZIP Sfx o) Updated C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe Update failed C:\WINDOWS\system32\drivers\etc\hosts Infected with: Generic.Qhost C:\WINDOWS\system32\drivers\etc\hosts Disinfection failed C:\WINDOWS\system32\drivers\etc\hosts Deleted C:\WINDOWS\system32\drivers\etc\hosts.20051202-231041.backup Infected with: Generic.Qhost C:\WINDOWS\system32\drivers\etc\hosts.20051202-231041.backup Disinfection failed C:\WINDOWS\system32\drivers\etc\hosts.20051202-231041.backup Deleted C:\WINDOWS\system32\drivers\etc\hosts.msn Infected with: Generic.Qhost C:\WINDOWS\system32\drivers\etc\hosts.msn Disinfection failed C:\WINDOWS\system32\drivers\etc\hosts.msn Deleted Ok.... i also found that the other sites that you gave me did not work.. not sure why Anywayz... here is the hijack this file after changing what you told me.. thanks for the help so far Logfile of HijackThis v1.99.1 Scan saved at 10:07:09 PM, on 6/1/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5346.0005) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\devldr32.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\Program Files\iTunes\iTunes.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Mik3\Desktop\Desktop stuff\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\regclean.exe" O4 - Startup: csrss.lnk = ? O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Program Files\PokerTimeMPP\MPPoker.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {1671869C-25B3-4C80-9446-8AE6111F8765} (MaxisHotDateTeleX Control) - http://thesims.ea.com/teleport/hotda...tDateTeleX.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2DAE59A1-B355-4653-8D33-33A3A8F8C078} (MaxisVacationTeleX Control) - http://thesims.ea.com/teleport/vacat...ationTeleX.cab O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.jetsetpoker.com/setup.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/...s/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {8629CFEB-C31A-4429-9BB0-8765A8A24FDA} (MaxisUnleashedLotTeleX Control) - http://thesims.ea.com/teleport/unlea...edLotTeleX.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...38/mcfscan.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe |
| ||
| Re: Hey crunchie, RE: LOP problem Ok. Whatever was not fixed during the online scans needs you to manually delete it/them. But first, do the following; Go to your Control Panel and double click the Java icon. Go to the 'cache' and delete or clear the contents. Download CCleaner and install, then run it.
When you've done that, do another online scan and see what comes up. |
| ||
| Re: Hey crunchie, RE: LOP problem hey... well this is what came up for the virus report after i did the other thing Scanned File Status C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe=>(ZIP Sfx o)=>FREEZE_388.EXE Detected with: Application.Adware.NewDotNet.Dropper C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe=>(ZIP Sfx o)=>FREEZE_388.EXE Deleted C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe=>(ZIP Sfx o) Updated C:\Documents and Settings\Marvin\My Documents\Ryan\Word Perfect\lakefree.exe=>(ZIP Sfx s)=>lakesetup.exe Update failed alright... well thats it, a little shorter this time.. umm i know where that document is should i just delete it or do i have to do anything else to get rid of it, thanks This is the hijack log as of now: Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\COMMON~1\Logitech\WebColct\WebColct.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Mik3\Desktop\Desktop stuff\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID} O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-ca\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\regclean.exe" O4 - Startup: csrss.lnk = ? O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: PokerTime Poker - {7220F1C9-B7E0-47a6-A0BD-D5B3940BCC79} - C:\Program Files\PokerTimeMPP\MPPoker.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {1671869C-25B3-4C80-9446-8AE6111F8765} (MaxisHotDateTeleX Control) - http://thesims.ea.com/teleport/hotda...tDateTeleX.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {2DAE59A1-B355-4653-8D33-33A3A8F8C078} (MaxisVacationTeleX Control) - http://thesims.ea.com/teleport/vacat...ationTeleX.cab O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.jetsetpoker.com/setup.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/...s/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {8629CFEB-C31A-4429-9BB0-8765A8A24FDA} (MaxisUnleashedLotTeleX Control) - http://thesims.ea.com/teleport/unlea...edLotTeleX.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhel...7/dlhelper.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...38/mcfscan.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ums.uwo.ca O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe |
| ||
| Re: Hey crunchie, RE: LOP problem Just deleing it should be ok. Do a system search for csrss and post back the results please. |
| ||
| Re: Hey crunchie, RE: LOP problem i dunno what you meant by system search but i did the windows search which came up with: Name: CSRSS.EXE-12B63473.ph In Folder: C:\WINDOWS\Prefectch Name: csrss In Folder: C:\WINDOWS\system32 Name: csrss In Folder: C:\WINDOWS\ServicePackFiles\i386 |
| ||
| Re: Hey crunchie, RE: LOP problem The only one I have on my PC is the one in the system32 folder. Just upload the one in the servicepackfiles folder to check it's legit. I think that it is, but let's be sure. http://virusscan.jotti.org/ |
| All times are GMT -4. The time now is 9:34 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC