Here are the reports
This is a report processed by VirusTotal on 01/04/2006 at 17:51:53 (CET) after scanning the file "iecutil.dll" file.
Antivirus Version Update Result
AntiVir 6.33.0.74 01.04.2006 no virus found
Avast 4.6.695.0 01.03.2006 no virus found
AVG 718 01.03.2006 no virus found
Avira 6.33.0.74 01.04.2006 no virus found
BitDefender 7.2 01.04.2006 no virus found
CAT-QuickHeal 8.00 01.04.2006 no virus found
ClamAV devel-20051123 01.04.2006 no virus found
DrWeb 4.33 01.04.2006 no virus found
eTrust-Iris 7.1.194.0 01.04.2006 no virus found
eTrust-Vet 12.4.1.0 01.04.2006 no virus found
Ewido 3.5 01.03.2006 no virus found
Fortinet 2.54.0.0 01.04.2006 no virus found
F-Prot 3.16c 01.02.2006 no virus found
Ikarus 0.2.59.0 01.04.2006 no virus found
Kaspersky 4.0.2.24 01.04.2006 no virus found
McAfee 4666 01.03.2006 no virus found
NOD32v2 1.1351 01.03.2006 no virus found
Norman 5.70.10 12.31.2006 no virus found
Panda 9.0.0.4 01.04.2006 no virus found
Sophos 4.01.0 01.04.2006 no virus found
Symantec 8.0 01.04.2006 no virus found
TheHacker 5.9.2.067 01.02.2006 no virus found
UNA 1.83 01.02.2006 no virus found
VBA32 3.10.5 01.04.2006 no virus found
Scan results
File: cdrip.exe
Date: 01/04/2006 17:52:38 (CET)
----
AntiVir 6.33.0.74/20060104 found nothing
Avast 4.6.695.0/20060103 found nothing
AVG 718/20060103 found nothing
Avira 6.33.0.74/20060104 found nothing
BitDefender 7.2/20060104 found nothing
CAT-QuickHeal 8.00/20060104 found nothing
ClamAV devel-20051123/20060104 found nothing
DrWeb 4.33/20060104 found nothing
eTrust-Iris 7.1.194.0/20060104 found nothing
eTrust-Vet 12.4.1.0/20060104 found nothing
Ewido 3.5/20060103 found nothing
Fortinet 2.54.0.0/20060104 found [suspicious]
F-Prot 3.16c/20060102 found nothing
Ikarus 0.2.59.0/20060104 found nothing
Kaspersky 4.0.2.24/20060104 found nothing
McAfee 4666/20060103 found nothing
NOD32v2 1.1351/20060103 found nothing
Norman 5.70.10/20061231 found nothing
Panda 9.0.0.4/20060104 found nothing
Sophos 4.01.0/20060104 found nothing
Symantec 8.0/20060104 found nothing
TheHacker 5.9.2.067/20060102 found nothing
UNA 1.83/20060102 found nothing
VBA32 3.10.5/20060104 found nothing
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, January 04, 2006 23:12:27
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 4/01/2006
Kaspersky Anti-Virus database records: 158721
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 64713
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 3188 sec
Infected Object Name - Virus Name
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP717\A0036258.exe Infected: Trojan-Downloader.Win32.Zlob.dq
Scan process completed.
Logfile of HijackThis v1.99.1
Scan saved at 23:13:49, on 04/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\Ewido anti-malware\ewidoctrl.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Pinnacle\Pinnacle PCTV\Remote\Remoterm.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Digital Camera\Nikon\NkView6\NkvMon.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.euro.dell...gen/default.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=wwwcache.cam.ac.uk:8080;http=wwwcache.cam.ac.uk:8080;https=wwwcache.cam.ac.uk:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cam.ac.uk
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-gb\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [PCTVRemote] C:\Program Files\Pinnacle\Pinnacle PCTV\Remote\Remoterm.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Digital Camera\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: Pinnacle Scheduler.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\Games\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\Games\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://www.mrfixitonline.comO15 - Trusted Zone:
http://www.rtscentral.comO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akama...meInstaller.exeO16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro....er/PROFILER.CABO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = robinson.private.cam.ac.uk
O17 - HKLM\Software\..\Telephony: DomainName = robinson.private.cam.ac.uk
O17 - HKLM\System\CCS\Services\Tcpip\..\{18C70E04-9B3C-4361-A1AE-6F1022788CEF}: Domain = robinson.private.cam.ac.uk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = robinson.private.cam.ac.uk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = robinson.private.cam.ac.uk,robinson.cam.ac.uk,cam.ac.uk,ac.uk
O17 - HKLM\System\CS1\Services\Tcpip\..\{18C70E04-9B3C-4361-A1AE-6F1022788CEF}: Domain = robinson.private.cam.ac.uk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = robinson.private.cam.ac.uk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = robinson.private.cam.ac.uk,robinson.cam.ac.uk,cam.ac.uk,ac.uk
O17 - HKLM\System\CS2\Services\Tcpip\..\{18C70E04-9B3C-4361-A1AE-6F1022788CEF}: Domain = robinson.private.cam.ac.uk
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = robinson.private.cam.ac.uk,robinson.cam.ac.uk,cam.ac.uk,ac.uk
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\Ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe