Hi swatkat.........this one went smoother than the laptop issue you are helping out with! Here are the Avenger, Kaspersky and HJT logs. Thanks for the help....JD
1) Avenger
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\pmdmcwav
*******************
Script file located at: \??\C:\WINDOWS\yyobbanv.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:WINDOWSGRFIG.DLL not found!
Deletion of file C:WINDOWSGRFIG.DLL failed!
Could not process line:
C:WINDOWSGRFIG.DLL
Status: 0xc0000034
File C:AUTODEFRAG.EXE not found!
Deletion of file C:AUTODEFRAG.EXE failed!
Could not process line:
C:AUTODEFRAG.EXE
Status: 0xc0000034
File C:COMPDIAG.EXE not found!
Deletion of file C:COMPDIAG.EXE failed!
Could not process line:
C:COMPDIAG.EXE
Status: 0xc0000034
File C:CORRUPTFIX.EXE not found!
Deletion of file C:CORRUPTFIX.EXE failed!
Could not process line:
C:CORRUPTFIX.EXE
Status: 0xc0000034
File C:DEFRAGSVC.EXE not found!
Deletion of file C:DEFRAGSVC.EXE failed!
Could not process line:
C:DEFRAGSVC.EXE
Status: 0xc0000034
File C:WINDOWSDRSMARTLOAD849A.EXE not found!
Deletion of file C:WINDOWSDRSMARTLOAD849A.EXE failed!
Could not process line:
C:WINDOWSDRSMARTLOAD849A.EXE
Status: 0xc0000034
File C:DRSMARTLOAD849A.EXE not found!
Deletion of file C:DRSMARTLOAD849A.EXE failed!
Could not process line:
C:DRSMARTLOAD849A.EXE
Status: 0xc0000034
File C:LSASS.EXE not found!
Deletion of file C:LSASS.EXE failed!
Could not process line:
C:LSASS.EXE
Status: 0xc0000034
File C:SERVICES.EXE not found!
Deletion of file C:SERVICES.EXE failed!
Could not process line:
C:SERVICES.EXE
Status: 0xc0000034
File C:SVCHOST.EXE not found!
Deletion of file C:SVCHOST.EXE failed!
Could not process line:
C:SVCHOST.EXE
Status: 0xc0000034
File C:WINDOWSDRSMARTLOAD45A.EXE not found!
Deletion of file C:WINDOWSDRSMARTLOAD45A.EXE failed!
Could not process line:
C:WINDOWSDRSMARTLOAD45A.EXE
Status: 0xc0000034
File C:WINDOWSDRSMARTLOAD46A.EXE not found!
Deletion of file C:WINDOWSDRSMARTLOAD46A.EXE failed!
Could not process line:
C:WINDOWSDRSMARTLOAD46A.EXE
Status: 0xc0000034
File C:WINDOWSMSNUPDATE.EXE not found!
Deletion of file C:WINDOWSMSNUPDATE.EXE failed!
Could not process line:
C:WINDOWSMSNUPDATE.EXE
Status: 0xc0000034
File C:DRSMARTLOAD1.EXE not found!
Deletion of file C:DRSMARTLOAD1.EXE failed!
Could not process line:
C:DRSMARTLOAD1.EXE
Status: 0xc0000034
File C:DEFENDER25.EXE not found!
Deletion of file C:DEFENDER25.EXE failed!
Could not process line:
C:DEFENDER25.EXE
Status: 0xc0000034
File C:WINDOWSSYSTEM32IBWJAQN.EXE not found!
Deletion of file C:WINDOWSSYSTEM32IBWJAQN.EXE failed!
Could not process line:
C:WINDOWSSYSTEM32IBWJAQN.EXE
Status: 0xc0000034
File C:WINDOWSSYSTEM32NDXCHTY.DLL not found!
Deletion of file C:WINDOWSSYSTEM32NDXCHTY.DLL failed!
Could not process line:
C:WINDOWSSYSTEM32NDXCHTY.DLL
Status: 0xc0000034
File C:WINDOWSSYSTEM32HVYBPL.EXE not found!
Deletion of file C:WINDOWSSYSTEM32HVYBPL.EXE failed!
Could not process line:
C:WINDOWSSYSTEM32HVYBPL.EXE
Status: 0xc0000034
File C:WINDOWSSYSTEM32XFPGP.EXE not found!
Deletion of file C:WINDOWSSYSTEM32XFPGP.EXE failed!
Could not process line:
C:WINDOWSSYSTEM32XFPGP.EXE
Status: 0xc0000034
File C:WINDOWSSYSTEM32HVYBPL.EXE not found!
Deletion of file C:WINDOWSSYSTEM32HVYBPL.EXE failed!
Could not process line:
C:WINDOWSSYSTEM32HVYBPL.EXE
Status: 0xc0000034
File C:WINDOWSSYSTEM32IBWJAQN.EXE not found!
Deletion of file C:WINDOWSSYSTEM32IBWJAQN.EXE failed!
Could not process line:
C:WINDOWSSYSTEM32IBWJAQN.EXE
Status: 0xc0000034
File C:WINDOWSSYSTEM32NDXCHTY.DLL not found!
Deletion of file C:WINDOWSSYSTEM32NDXCHTY.DLL failed!
Could not process line:
C:WINDOWSSYSTEM32NDXCHTY.DLL
Status: 0xc0000034
File C:WINDOWSSYSTEM32XFPGP.EXE not found!
Deletion of file C:WINDOWSSYSTEM32XFPGP.EXE failed!
Could not process line:
C:WINDOWSSYSTEM32XFPGP.EXE
Status: 0xc0000034
File C:DOCUMENTS AND SETTINGSALL USERSSTART MENUPROGRAMSSTARTUPADKCV.EXE not found!
Deletion of file C:DOCUMENTS AND SETTINGSALL USERSSTART MENUPROGRAMSSTARTUPADKCV.EXE failed!
Could not process line:
C:DOCUMENTS AND SETTINGSALL USERSSTART MENUPROGRAMSSTARTUPADKCV.EXE
Status: 0xc0000034
File C:NEWNAME25.EXE not found!
Deletion of file C:NEWNAME25.EXE failed!
Could not process line:
C:NEWNAME25.EXE
Status: 0xc0000034
File C:DEFENDER23.EXE not found!
Deletion of file C:DEFENDER23.EXE failed!
Could not process line:
C:DEFENDER23.EXE
Status: 0xc0000034
File C:NEWNAME23.EXE not found!
Deletion of file C:NEWNAME23.EXE failed!
Could not process line:
C:NEWNAME23.EXE
Status: 0xc0000034
File C:WINDOWSOFFUN.EXE not found!
Deletion of file C:WINDOWSOFFUN.EXE failed!
Could not process line:
C:WINDOWSOFFUN.EXE
Status: 0xc0000034
File C:WINDOWSSYSTEM32SSEC.EXE not found!
Deletion of file C:WINDOWSSYSTEM32SSEC.EXE failed!
Could not process line:
C:WINDOWSSYSTEM32SSEC.EXE
Status: 0xc0000034
File C:KEYBOARD25.EXE not found!
Deletion of file C:KEYBOARD25.EXE failed!
Could not process line:
C:KEYBOARD25.EXE
Status: 0xc0000034
File C:526_620.exe not found!
Deletion of file C:526_620.exe failed!
Could not process line:
C:526_620.exe
Status: 0xc0000034
File C:AUTODEFRAG.0XE not found!
Deletion of file C:AUTODEFRAG.0XE failed!
Could not process line:
C:AUTODEFRAG.0XE
Status: 0xc0000034
File C:COMPDIAG.0XE not found!
Deletion of file C:COMPDIAG.0XE failed!
Could not process line:
C:COMPDIAG.0XE
Status: 0xc0000034
File C:COMPDIAG.0XE not found!
Deletion of file C:COMPDIAG.0XE failed!
Could not process line:
C:COMPDIAG.0XE
Status: 0xc0000034
File C:CORRUPTFIX.0XE not found!
Deletion of file C:CORRUPTFIX.0XE failed!
Could not process line:
C:CORRUPTFIX.0XE
Status: 0xc0000034
File C:DEFRAGSVC.0XE not found!
Deletion of file C:DEFRAGSVC.0XE failed!
Could not process line:
C:DEFRAGSVC.0XE
Status: 0xc0000034
File C:LSASS.0XE not found!
Deletion of file C:LSASS.0XE failed!
Could not process line:
C:LSASS.0XE
Status: 0xc0000034
File C:mc-110-12-0000228.exe not found!
Deletion of file C:mc-110-12-0000228.exe failed!
Could not process line:
C:mc-110-12-0000228.exe
Status: 0xc0000034
File C:SERVICES.0XE not found!
Deletion of file C:SERVICES.0XE failed!
Could not process line:
C:SERVICES.0XE
Status: 0xc0000034
File C:SVCHOST.0XE not found!
Deletion of file C:SVCHOST.0XE failed!
Could not process line:
C:SVCHOST.0XE
Status: 0xc0000034
File C:WINDOWSAurexkb.ehu not found!
Deletion of file C:WINDOWSAurexkb.ehu failed!
Could not process line:
C:WINDOWSAurexkb.ehu
Status: 0xc0000034
File C:WINDOWSFlgczsswjyh.lzw not found!
Deletion of file C:WINDOWSFlgczsswjyh.lzw failed!
Could not process line:
C:WINDOWSFlgczsswjyh.lzw
Status: 0xc0000034
File C:WINDOWSIingbqeu.aaw not found!
Deletion of file C:WINDOWSIingbqeu.aaw failed!
Could not process line:
C:WINDOWSIingbqeu.aaw
Status: 0xc0000034
File C:WINDOWSIwwcitsg.dua not found!
Deletion of file C:WINDOWSIwwcitsg.dua failed!
Could not process line:
C:WINDOWSIwwcitsg.dua
Status: 0xc0000034
File C:WINDOWSmanager.exe not found!
Deletion of file C:WINDOWSmanager.exe failed!
Could not process line:
C:WINDOWSmanager.exe
Status: 0xc0000034
File C:WINDOWSmc-110-12-0000487.exe not found!
Deletion of file C:WINDOWSmc-110-12-0000487.exe failed!
Could not process line:
C:WINDOWSmc-110-12-0000487.exe
Status: 0xc0000034
File C:WINDOWSmc-110-12-0000488.exe not found!
Deletion of file C:WINDOWSmc-110-12-0000488.exe failed!
Could not process line:
C:WINDOWSmc-110-12-0000488.exe
Status: 0xc0000034
File C:WINDOWSMSNUPDATE.0XE not found!
Deletion of file C:WINDOWSMSNUPDATE.0XE failed!
Could not process line:
C:WINDOWSMSNUPDATE.0XE
Status: 0xc0000034
File C:WINDOWSMxacorse.trv not found!
Deletion of file C:WINDOWSMxacorse.trv failed!
Could not process line:
C:WINDOWSMxacorse.trv
Status: 0xc0000034
File C:WINDOWSWMIAPSRV.0XE not found!
Deletion of file C:WINDOWSWMIAPSRV.0XE failed!
Could not process line:
C:WINDOWSWMIAPSRV.0XE
Status: 0xc0000034
File C:WINDOWSWpkrkcqrrjf.uwm not found!
Deletion of file C:WINDOWSWpkrkcqrrjf.uwm failed!
Could not process line:
C:WINDOWSWpkrkcqrrjf.uwm
Status: 0xc0000034
File C:WINDOWSSYSTEM32NDXCHTY.0LL not found!
Deletion of file C:WINDOWSSYSTEM32NDXCHTY.0LL failed!
Could not process line:
C:WINDOWSSYSTEM32NDXCHTY.0LL
Status: 0xc0000034
File C:WINDOWSSYSTEM32removefunc.ram not found!
Deletion of file C:WINDOWSSYSTEM32removefunc.ram failed!
Could not process line:
C:WINDOWSSYSTEM32removefunc.ram
Status: 0xc0000034
File C:WINDOWSWMIAPSRV.0XE not found!
Deletion of file C:WINDOWSWMIAPSRV.0XE failed!
Could not process line:
C:WINDOWSWMIAPSRV.0XE
Status: 0xc0000034
File C:WINDOWSTasksRUTASK.job not found!
Deletion of file C:WINDOWSTasksRUTASK.job failed!
Could not process line:
C:WINDOWSTasksRUTASK.job
Status: 0xc0000034
File C:Documents and SettingsAll UsersStart MenuProgramsStartupADKCV.0XE not found!
Deletion of file C:Documents and SettingsAll UsersStart MenuProgramsStartupADKCV.0XE failed!
Could not process line:
C:Documents and SettingsAll UsersStart MenuProgramsStartupADKCV.0XE
Status: 0xc0000034
File C:Documents and SettingsOwnerApplication DataSskknwrd.dll not found!
Deletion of file C:Documents and SettingsOwnerApplication DataSskknwrd.dll failed!
Could not process line:
C:Documents and SettingsOwnerApplication DataSskknwrd.dll
Status: 0xc0000034
File C:WINDOWSSystem32x3cqp0.dll not found!
Deletion of file C:WINDOWSSystem32x3cqp0.dll failed!
Could not process line:
C:WINDOWSSystem32x3cqp0.dll
Status: 0xc0000034
File C:WINDOWSsystembgtxdii.exe not found!
Deletion of file C:WINDOWSsystembgtxdii.exe failed!
Could not process line:
C:WINDOWSsystembgtxdii.exe
Status: 0xc0000034
File C:WINDOWSsystemeiicupd.exe not found!
Deletion of file C:WINDOWSsystemeiicupd.exe failed!
Could not process line:
C:WINDOWSsystemeiicupd.exe
Status: 0xc0000034
File C:WINDOWSsystem32xyob2res.dll not found!
Deletion of file C:WINDOWSsystem32xyob2res.dll failed!
Could not process line:
C:WINDOWSsystem32xyob2res.dll
Status: 0xc0000034
File C:WINDOWSIAcommand.exe not found!
Deletion of file C:WINDOWSIAcommand.exe failed!
Could not process line:
C:WINDOWSIAcommand.exe
Status: 0xc0000034
Folder C:WINDOWSIA not found!
Deletion of folder C:WINDOWSIA failed!
Could not process line:
C:WINDOWSIA
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.
2) Kaspersky scan log
KASPERSKY ON-LINE SCANNER REPORT
Thursday, June 08, 2006 6:34:45 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 8/06/2006
Kaspersky Anti-Virus database records: 187146
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 111416
Number of viruses found 64
Number of infected objects 246
Number of suspicious objects 0
Duration of the scan process 01:25:11
Infected Object Name Virus Name Last Action
C:\avenger\backup.zip/avenger/crdadcs.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\avenger\backup.zip/avenger/crdadcsA.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\avenger\backup.zip/avenger/ibwjaqn.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\avenger\backup.zip/avenger/ssec.exe Infected: Trojan.Win32.Runner.h skipped
C:\avenger\backup.zip ZIP: infected - 4 skipped
C:\avenger\backup_PC 060506.zip/avenger/crdadcs.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\avenger\backup_PC 060506.zip/avenger/crdadcsA.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\avenger\backup_PC 060506.zip/avenger/ibwjaqn.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\avenger\backup_PC 060506.zip/avenger/ssec.exe Infected: Trojan.Win32.Runner.h skipped
C:\avenger\backup_PC 060506.zip ZIP: infected - 4 skipped
C:\COMPDIAG.0XE Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\CORRUPTFIX.0XE Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\DEFENDER23.0XE Infected: Trojan-Downloader.Win32.VB.adw skipped
C:\DEFENDER25.0XE Infected: Trojan-Downloader.Win32.Adload.bx skipped
C:\DEFRAGSVC.0XE Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5QJFZD96\DRSMARTLOAD743A[1].0XE Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5QJFZD96\msdosmgr[1].exe/data.rar/mc-110-12-0000487.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5QJFZD96\msdosmgr[1].exe/data.rar/mc-110-12-0000487.exe Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5QJFZD96\msdosmgr[1].exe/data.rar Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5QJFZD96\msdosmgr[1].exe RarSFX: infected - 3 skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\5QJFZD96\MSNINSTALLER[1].0IP Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\7Z3VWO4T\DRSMARTLOAD45A[1].0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\7Z3VWO4T\KEYBOARD23[1].0XE Infected: Backdoor.Win32.VB.ary skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\7Z3VWO4T\KEYBOARD25[1].0XE Infected: Trojan.Win32.StartPage.aju skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\7Z3VWO4T\MTE3NDI6ODOXNG[1].0XE Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\7Z3VWO4T\NEWNAME25[1].0XE Infected: Trojan-Downloader.Win32.VB.abm skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ESCWFPDZ\DEFENDER23[1].0XE Infected: Trojan-Downloader.Win32.VB.adw skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ESCWFPDZ\DEFENDER24[2].0XE Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ESCWFPDZ\DEFENDER25[1].0XE Infected: Trojan-Downloader.Win32.Adload.bx skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ESCWFPDZ\DRSMARTLOAD46A[1].0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ESCWFPDZ\DRSMARTLOAD[1].0XE Infected: Trojan-Downloader.Win32.Adload.bv skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ESCWFPDZ\NEWNAME23[1].0XE Infected: Trojan-Downloader.Win32.VB.adw skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LYHFJ5FM\DRSMARTLOAD849A[1].0XE Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\KEYBOARD23.0XE Infected: Backdoor.Win32.VB.ary skipped
C:\KEYBOARD25.0XE Infected: Trojan.Win32.StartPage.aju skipped
C:\LSASS.0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\msdosmgr.exe/data.rar/mc-110-12-0000487.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\msdosmgr.exe/data.rar/mc-110-12-0000487.exe Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\msdosmgr.exe/data.rar Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\msdosmgr.exe RarSFX: infected - 3 skipped
C:\NEWNAME23.0XE Infected: Trojan-Downloader.Win32.VB.adw skipped
C:\NEWNAME25.0XE Infected: Trojan-Downloader.Win32.VB.abm skipped
C:\Program Files\Norton AntiVirus\Quarantine\12AB6452.0 Infected: Trojan-Spy.Win32.Idly.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\4E5D2804.0 Infected: Trojan-Downloader.Win32.Small.wj skipped
C:\Program Files\Norton AntiVirus\Quarantine\4FCE306E.0 Infected: Trojan-Dropper.Win32.Small.mr skipped
C:\Program Files\Norton AntiVirus\Quarantine\54492976.0 Infected: Trojan-Downloader.Win32.Small.wj skipped
C:\Program Files\Norton AntiVirus\Quarantine\55CF6D86.0 Infected: Trojan-Spy.Win32.Idly.c skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\012B2A72.0 Infected: Trojan-Downloader.Win32.Qoologic.t skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\03335C96.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\03360692.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\041F114F.0LL Infected: Trojan-Downloader.Win32.Envolo.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\05F87120.0XE Infected: Trojan-Downloader.Win32.Intexp.c skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\068A7A69.0XE Infected: Trojan-Downloader.Win32.Delmed.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\06F07071.0XE Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0A203BAB.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0B0F663A.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0B472FFD.tmp Infected: Trojan-Downloader.VBS.Psyme.x skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0B617FE0.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BC03611.0LL Infected: Trojan-Downloader.Win32.Qoologic.n skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BC03611.0XE Infected: Trojan-Downloader.Win32.Qoologic.n skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BC3600D.0LL Infected: Trojan-Downloader.Win32.Qoologic.n skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BC60A09.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.i skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BC60A09.exe NSIS: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BC60A09.exe CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BD331FB.0XE Infected: Trojan-Downloader.Win32.Qoologic.x skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BDD2FF0.0LL Infected: Trojan-Downloader.Win32.IstBar.gen skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0BDD2FF0.0XE Infected: Trojan-Dropper.Win32.Agent.rs skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CDC063F.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\10F237C5.0XE Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\176F7C9C.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\17722699.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18394C7F.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1A8A6651.0XE Infected: Trojan-Downloader.Win32.Qoologic.o skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1B40094C.0XE Infected: Trojan-Dropper.Win32.Small.ht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1DDB1804.exe/data0002 Infected: Trojan.Win32.Registrator.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1DDB1804.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ayh skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1DDB1804.exe NSIS: infected - 2 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1DDB1804.exe CryptFF: infected - 2 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\20754799.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\20754799.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\213706B3.0LL Infected: Trojan-Clicker.Win32.Small.ez skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\213A30AF.0OM Infected: Trojan-Dropper.Win32.Agent.pb skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\213E5AAC.0XE Infected: Trojan-Downloader.Win32.Agent.qg skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\214104A8.0XE Infected: Trojan-Downloader.Win32.Agent.qg skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\21442EA4.0XE Infected: Trojan.Win32.StartPage.nk skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\214758A1.0XE Infected: Trojan.Win32.StartPage.nk skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\214B029D.0XE Infected: Trojan-Downloader.Win32.Small.abd skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\214E2C9A.exe/data0002 Infected: Trojan.Win32.Registrator.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\214E2C9A.exe/data0003 Infected: Trojan-Downloader.Win32.Small.ayh skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\214E2C9A.exe NSIS: infected - 2 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\214E2C9A.exe CryptFF: infected - 2 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\21515696.0LL Infected: Trojan-Downloader.Win32.Qoologic.t skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\21622884.0XE Infected: Trojan-Downloader.Win32.Pacer.j skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\21687C7D.0XE Infected: Trojan-Downloader.Win32.Pacer.j skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\216B2679.0XE Infected: Trojan-Downloader.Win32.Pacer.d skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\216F5076.0PL Infected: Trojan-Downloader.Win32.Qoologic.p skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2175246F.0LL Infected: Trojan-Downloader.Win32.Qoologic.p skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2175246F.0XE Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\218C4A55.0XE Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\21921E4E.0XE Infected: Trojan-Downloader.Win32.Small.abd skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2196484B.0XE Infected: Trojan-Downloader.Win32.Intexp.c skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2196484B.dat Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\231C7916.0XE Infected: Trojan-Downloader.Win32.Apropo.aj skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\275814CA.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\275814CA.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\275C3EC7.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\275C3EC7.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\275F68C3.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\275F68C3.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\276212BF.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27653CBC.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27653CBC.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\276966B8.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\276966B8.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\277938A6.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27866098.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27890A94.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27B75662.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27B75662.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27B75662.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27BA005E.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\27BA005E.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\281617FA.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\283A65D2.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\28615DA7.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\287B2D8A.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\28852B80.tmp Infected: Trojan-Downloader.VBS.Psyme.v skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\28C3493B.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A071A74.0XE Infected: Trojan.Win32.Crypt.t skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A514B85.0XE Infected: Trojan.Win32.Registrator.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A8E1BCE.0 Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A9145CA.0 Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A956FC6.0 Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AA217B8.0XE Infected: Trojan-Downloader.Win32.Pacer.d skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AA217B8.fr5 Infected: Trojan.Win32.Agent.db skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2BF7410C.0 Infected: Trojan-Downloader.Win32.Qoologic.s skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2DFB0DFB.0XE Infected: Backdoor.Win32.SdBot.aad skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.tmp/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.tmp/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.tmp/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.tmp ZIP: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.tmp CryptFF: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.zip ZIP: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\31D93E55.zip CryptFF: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\34CB6A64.exe/data0002 Infected: Trojan.Win32.Registrator.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\34CB6A64.exe/data0003 Infected: Trojan-Downloader.Win32.Small.aly skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\34CB6A64.exe NSIS: infected - 2 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\34CB6A64.exe CryptFF: infected - 2 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\35BF752A.0YS Infected: Trojan.Win32.Kolweb.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\35F43546.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\38EB7B4B.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3C311A23.0XE Infected: Backdoor.Win32.SdBot.aad skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D53662C.0LL Infected: Trojan.Win32.Kolweb.d skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D6E72C5.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D6E72C5.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D711CC2.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D711CC2.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D7446BE.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3E1E4E03.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3E573350.0XE Infected: Trojan.Win32.Kolweb.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3E7D0F9B.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3E8A378D.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3F2A40DD.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3F93006A.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3F995462.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\40F760E2.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\40FA0ADE.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\41005ED7.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\41242CB0.tmp Infected: Trojan-Downloader.VBS.Psyme.x skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\412756AC.tmp Infected: Trojan-Downloader.VBS.Psyme.x skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\41281271.0XE Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4A9E7FF8.0XE Infected: Trojan.Win32.Kolweb.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4AAB27EA.0XE Infected: Trojan.Win32.Pakes skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4AAE51E6.0LL Infected: Trojan.Win32.Kolweb.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4AAE51E6.0XE Infected: Trojan-Downloader.Win32.Apropo.t skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4C525868.0XE Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\50DA393D.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\562633DC.0XE Infected: Trojan-Downloader.Win32.VB.jq skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\639F5F0A.0XE Infected: Trojan-Downloader.Win32.Agent.am skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\63D9466D.0XE Infected: Trojan-Downloader.Win32.Pacer.j skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66E91A02.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\67133BD4.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6A6B0951.0XE Infected: Trojan-Downloader.Win32.Agent.oa skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6BBB4E8B.0XE Infected: Trojan-Downloader.Win32.VB.jq skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6D7648C6.0XE Infected: Trojan.Win32.Registrator.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6EC30357.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6EC62D54.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6EEA7B2C.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6F9B7225.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6F9E1C22.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6FB5264D.0 Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\70482367.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\70724538.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\70896B1F.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\70936914.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\70E82CB7.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\714D4247.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\71711020.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\71743A1C.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\71C87554.0XE Infected: Trojan-Downloader.Win32.IstBar.lh skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\72DC5EE6.0LL Infected: Trojan.Win32.Delf.cf skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\72DC5EE6.0YS Infected: Trojan.Win32.Kolweb.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\72DF08E2.0XE Infected: Trojan.Win32.Kolweb.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\72DF08E2.0YS Infected: Trojan.Win32.Kolweb.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\74602D2A.0XE Infected: Trojan.Win32.Registrator.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\74F96281.0XE Infected: Trojan.Win32.Registrator.b skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7738114A.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.i skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7738114A.exe NSIS: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7738114A.exe CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\795F28F6.0XE Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A673522.0 Infected: Trojan-Downloader.Win32.Qoologic.u skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A673522.0XE Infected: Trojan-Downloader.Win32.Pacer.j skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7A934863.0XE Infected: Trojan-Downloader.Win32.Delmed.a skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7AC11508.0XE Infected: Trojan.Win32.Agent.ay skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7ADE43C0.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7AF93E6A.0XE Infected: Trojan-Downloader.Win32.Pacer.d skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7D583153.0XE Infected: Trojan.Win32.StartPage.acx skipped
C:\SERVICES.0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\SVCHOST.0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\WINDOWS\DRSMARTLOAD45A.0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\WINDOWS\DRSMARTLOAD46A.0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\WINDOWS\DRSMARTLOAD849A.0XE Infected: Trojan-Downloader.Win32.Adload.bo skipped
C:\WINDOWS\mc-110-12-0000487.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\WINDOWS\mc-110-12-0000487.exe NSIS: infected - 1 skipped
C:\WINDOWS\mc-110-12-0000487.exe UPX: infected - 1 skipped
C:\WINDOWS\mc-110-12-0000487.exe PE_Patch.UPX: infected - 1 skipped
C:\WINDOWS\mc-110-12-0000488.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\WINDOWS\mc-110-12-0000488.exe NSIS: infected - 1 skipped
C:\WINDOWS\mc-110-12-0000488.exe UPX: infected - 1 skipped
C:\WINDOWS\mc-110-12-0000488.exe PE_Patch.UPX: infected - 1 skipped
C:\WINDOWS\MSNUPDATE.0XE Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\WINDOWS\OFFUN.0XE Infected: Trojan-Downloader.Win32.VB.nw skipped
C:\WINDOWS\system32\IBWJAQN.0XE Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\WINDOWS\system32\mtnfc.dat Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\WINDOWS\system32\NDXCHTY.0LL Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\WINDOWS\system32\removefunc.ram/data.rar/mc-110-12-0000488.exe/data0001 Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\WINDOWS\system32\removefunc.ram/data.rar/mc-110-12-0000488.exe Infected: Trojan-Downloader.NSIS.Agent.u skipped
C:\WINDOWS\system32\removefunc.ram/data.rar/msnupdate.exe Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\WINDOWS\system32\removefunc.ram/data.rar Infected: Trojan-Downloader.Win32.Adload.bq skipped
C:\WINDOWS\system32\removefunc.ram RarSFX: infected - 4 skipped
C:\WINDOWS\system32\XFPGP.0XE.bak Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\WINDOWS\SYSTEM32SSEC.0XE Infected: Trojan.Win32.Runner.h skipped
C:\WINDOWS\WMIAPSRV.0XE Infected: Backdoor.Win32.SdBot.aad skipped
Scan process completed.
3) HJT
Logfile of HijackThis v1.99.1
Scan saved at 6:36:52 AM, on 6/8/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus9.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [hplampc] C:\WINDOWS\system32\hplampc.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/puzzlepirates/miniclipGameLoader.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.yorkphoto.com/YorkActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4561/mcfscan.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: Microsoft WMI Performance Adapter AddOn (WMIPerAddOn) - Unknown owner - C:\WINDOWS\wmiapsrv.exe (file missing)
