-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, September 24, 2006 3:52:47 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 24/09/2006
Kaspersky Anti-Virus database records: 212900
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 62301
Number of viruses found: 16
Number of infected objects: 52 / 0
Number of suspicious objects: 0
Duration of the scan process: 01:09:37
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\jokukyo\.housecall\Quarantine\arc.zip-6c522c5b-5bcdb94b.zip.bac_a04076/web.exe/WISE0006.BIN Infected: Trojan.Win32.Revop.e skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\arc.zip-6c522c5b-5bcdb94b.zip.bac_a04076/web.exe Infected: Trojan.Win32.Revop.e skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\arc.zip-6c522c5b-5bcdb94b.zip.bac_a04076 ZIP: infected - 2 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\arc.zip-6c522c5b-5bcdb94b.zip.bac_a04076 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-19061f19-49bc2110.zip.bac_a04076/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-19061f19-49bc2110.zip.bac_a04076/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-19061f19-49bc2110.zip.bac_a04076/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-19061f19-49bc2110.zip.bac_a04076/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-19061f19-49bc2110.zip.bac_a04076 ZIP: infected - 4 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-19061f19-49bc2110.zip.bac_a04076 CryptFF.b: infected - 4 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-28e8d1c5-78974236.zip.bac_a04076/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-28e8d1c5-78974236.zip.bac_a04076/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-28e8d1c5-78974236.zip.bac_a04076/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-28e8d1c5-78974236.zip.bac_a04076/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-28e8d1c5-78974236.zip.bac_a04076 ZIP: infected - 4 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\classload.jar-28e8d1c5-78974236.zip.bac_a04076 CryptFF.b: infected - 4 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-1e3b1005-227a5a16.zip.bac_a04076/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-1e3b1005-227a5a16.zip.bac_a04076/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-1e3b1005-227a5a16.zip.bac_a04076/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-1e3b1005-227a5a16.zip.bac_a04076 ZIP: infected - 3 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-1e3b1005-227a5a16.zip.bac_a04076 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-39c6af36-2dbb4cda.zip.bac_a04076/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-39c6af36-2dbb4cda.zip.bac_a04076/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-39c6af36-2dbb4cda.zip.bac_a04076/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-39c6af36-2dbb4cda.zip.bac_a04076 ZIP: infected - 3 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-39c6af36-2dbb4cda.zip.bac_a04076 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-7d443d2d-2678cf84.zip.bac_a04076/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-7d443d2d-2678cf84.zip.bac_a04076/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-7d443d2d-2678cf84.zip.bac_a04076/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-7d443d2d-2678cf84.zip.bac_a04076 ZIP: infected - 3 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\count.jar-7d443d2d-2678cf84.zip.bac_a04076 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\Dummy.class-4e92308d-6a254fd0.class.bac_a04076 Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\javainstaller.jar-3c936701-4af18ad7.zip.bac_a04076/javainstaller/InstallerApplet.class Infected: Trojan-Downloader.Java.OpenStream.w skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\javainstaller.jar-3c936701-4af18ad7.zip.bac_a04076 ZIP: infected - 1 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\javainstaller.jar-3c936701-4af18ad7.zip.bac_a04076 CryptFF.b: infected - 1 skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\services.exe.bac_a04076 Infected: Trojan-Downloader.Win32.Small.qe skipped
C:\Documents and Settings\jokukyo\.housecall\Quarantine\VerifierBug.class-1994f8a3-2b769ef4.class.bac_a04076 Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\jokukyo\Application Data\ispnews\ispn.ini Object is locked skipped
C:\Documents and Settings\jokukyo\Application Data\ispnews\ispnc.items Object is locked skipped
C:\Documents and Settings\jokukyo\Application Data\ispnews\ispnr.items Object is locked skipped
C:\Documents and Settings\jokukyo\Application Data\Mozilla\Firefox\Profiles\Default User\cert8.db Object is locked skipped
C:\Documents and Settings\jokukyo\Application Data\Mozilla\Firefox\Profiles\Default User\history.dat Object is locked skipped
C:\Documents and Settings\jokukyo\Application Data\Mozilla\Firefox\Profiles\Default User\key3.db Object is locked skipped
C:\Documents and Settings\jokukyo\Application Data\Mozilla\Firefox\Profiles\Default User\parent.lock Object is locked skipped
C:\Documents and Settings\jokukyo\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\Application Data\Mozilla\Firefox\Profiles\Default User\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\Application Data\Mozilla\Firefox\Profiles\Default User\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\Application Data\Mozilla\Firefox\Profiles\Default User\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\Application Data\Mozilla\Firefox\Profiles\Default User\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jokukyo\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\jokukyo\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\jokukyo\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\dbupdate.log Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\Qrt.log Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\fsbwupst.log Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\L0000005.FCS Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\Common\admin.pub Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\Common\policy.bpf Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\Common\policy.ipf Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\domainNames.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\domainNames.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\domainNameTokens.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\domainNameTokens.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\namesRefCount.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\namesRefCount.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\tokensRefCount.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\tokensRefCount.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\urlCacheDb.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\urlcache\urlCacheDb.idx Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\statlist\icnStLst.dat Object is locked skipped
C:\Program Files\Charter High-Speed Security Suite\FSPC\statlist\icnStLst.idx Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP707\A0127343.0xe Infected: Trojan.Win32.Favadd.ar skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP710\A0127655.0xe/data0007 Infected: Trojan-Downloader.Win32.Zlob.xr skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP710\A0127655.0xe/data0008 Infected: Trojan-Downloader.Win32.Zlob.xr skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP710\A0127655.0xe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP710\A0127655.0xe UPX: infected - 2 skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP710\A0127655.0xe PE_Patch.UPX: infected - 2 skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP785\A0134788.0XE Infected: Trojan-Downloader.Win32.Zlob.alq skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP785\A0134796.0XE Infected: Trojan-Downloader.Win32.Zlob.alq skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP785\A0134802.0XE Infected: Trojan-Downloader.Win32.Zlob.alq skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP785\A0134803.0LL Infected: Trojan-Downloader.Win32.Zlob.alu skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP785\A0134817.0XE Infected: Trojan-Downloader.Win32.Zlob.aek skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP785\A0134818.0LL Infected: Trojan-Downloader.Win32.Zlob.alu skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP788\A0137159.0ll Infected: Trojan-Downloader.Win32.Zlob.aly skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP788\A0138040.0xe Infected: Trojan-Downloader.Win32.Zlob.alu skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP799\A0139527.dll Infected: Packed.Win32.Klone.g skipped
C:\System Volume Information\_restore{CEF01331-5B92-43BD-82BE-8932D7D597CD}\RP799\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_BCM V.92 56K Modem.txt Object is locked skipped
C:\WINDOWS\rnapxs\rnapxs.dat Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{774CDC01-B19A-456F-B969-E20954585491}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd9917.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 3:58:54 AM, on 9/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\SERVIC~1.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\program\fsbwsys.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsqh.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FAMEH32.EXE
C:\Program Files\Charter High-Speed Security Suite\FSPC\fspc.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsrw.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe
C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe
C:\PROGRA~1\CHARTE~1\ANTI-S~1\fsaw.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Charter High-Speed Security Suite\FSGUI\fsguidll.exe
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Program\fspex.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\jokukyo\Desktop\killer.exe.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Charter High-Speed Security Suite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Charter High-Speed Security Suite.lnk = C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Program\fspex.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Block this popup - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -
https://support.dell...iler/SysPro.CABO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) -
https://webchat.dell...t/TLIEFlash.CABO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft...free/asinst.cabO16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) -
http://swgbetareg.st.../soesysinfo.cabO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
http://us.dl1.yimg.c...utocomplete.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winuns32 - winuns32.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Charter High-Speed Security Suite (BackWeb Plug-in - 3528733) - BackWeb Technologies Inc. - C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\SERVIC~1.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
Does not that anti virus scan fix the problems detected?
Edited by Pcnub, 24 September 2006 - 03:02 AM.