Potentially unwanted tool:application/bestoffer Not disinfected c:\windows\smdat32m.sys
Potentially unwanted tool:application/need2find Not disinfected c:\program files\Need2Find
Potentially unwanted tool:application/altnet Not disinfected hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\AltnetDM
Adware:adware/instafinder Not disinfected Windows Registry
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.burstnet.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[www.burstbeacon.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.com.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.toplist.cz/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.ccbill.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[searchportal.information.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.drivecleaner.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[stats.drivecleaner.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.winantivirus.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.atwola.com/]
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.webpower.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.adopt.hbmediapro.com/]
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookies.txt[.c2.gostats.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cookiesnew.txt[.realmedia.com/]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\Latest Virus Stuff\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
Possible Virus. Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix\SmitfraudFix\swsc.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Possible Virus. Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix.zip[SmitfraudFix/swsc.exe]
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/Need2Find Not disinfected C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll
Potentially unwanted tool:Application/Need2Find Not disinfected C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL
Potentially unwanted tool:Application/Need2Find Not disinfected C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Possible Virus. Not disinfected C:\WINDOWS\system32\swsc.exe
Logfile of HijackThis v1.99.1
Scan saved at 12:42:44 AM, on 11/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\GhostSurf 2005\DeleteSvc.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\support.com\bin\tgcmd.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Computer Security\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsof...search.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = The Schnak rocks!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = <local>
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file)
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [dont-touch-my-ads] C:\Documents and Settings\HP_Administrator\Dont-Touch-My-Ads.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [NewsletterReader] C:\Program Files\Newsletter Reader\newstray.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [GhostSurfDelSatellite] "C:\Program Files\GhostSurf 2005\DeleteSatellite.exe" nowait
O4 - HKCU\..\Run: [Organize Quick & Easy 5.0] C:\Program Files\Organize Quick & Easy 5.0\AtDem.exe
O4 - Startup: MySurvey Messenger.lnk = C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplane...DC_2.3.0.97.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,26/mcgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Tenebril antispyware satellite (TNBRLDS) - Tenebril Inc. - C:\Program Files\GhostSurf 2005\DeleteSvc.exe
KASPERSKY ONLINE SCANNER REPORT
Thursday, November 09, 2006 11:46:39 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 10/11/2006
Kaspersky Anti-Virus database records: 239667
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan Statistics
Total number of scanned objects 104602
Number of viruses found 14
Number of infected objects 57 / 0
Number of suspicious objects 0
Duration of the scan process 01:40:13
Infected Object Name Virus Name Last Action
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\abook.mab Object is locked skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\cert8.db Object is locked skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\key3.db Object is locked skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\Mail\Local Folders\Cancel This/[From "eBay Member: m0r435" ][Date Tue, 3 May 2005 19:11:47 -0700]/UNNAMED/text Infected: Trojan-Spy.HTML.Bayfraud.ib skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\Mail\Local Folders\Cancel This/[From "eBay Member: m0r435" ][Date Tue, 3 May 2005 19:11:47 -0700]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.ib skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\Mail\Local Folders\Cancel This Mail Berkeley mbox: infected - 2 skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\Mail\Local Folders\Inbox.msf Object is locked skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\Mail\Local Folders\Templates.msf Object is locked skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\Mail\Local Folders\Trash.msf Object is locked skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\panacea.dat Object is locked skipped
C:\Backups\Old PC\Thunderbird\Profiles\nmnmqf30.default\parent.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-4a97bc2f-4096f21a.zip.bac_a02232/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-4a97bc2f-4096f21a.zip.bac_a02232/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-4a97bc2f-4096f21a.zip.bac_a02232/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-4a97bc2f-4096f21a.zip.bac_a02232 ZIP: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-4a97bc2f-4096f21a.zip.bac_a02232 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c2b4449-55c67fd6.zip.bac_a02232/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c2b4449-55c67fd6.zip.bac_a02232/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c2b4449-55c67fd6.zip.bac_a02232/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c2b4449-55c67fd6.zip.bac_a02232 ZIP: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c2b4449-55c67fd6.zip.bac_a02232 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c9ed667-4ffd4c4a.zip.bac_a02232/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c9ed667-4ffd4c4a.zip.bac_a02232/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c9ed667-4ffd4c4a.zip.bac_a02232/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c9ed667-4ffd4c4a.zip.bac_a02232 ZIP: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\count.jar-5c9ed667-4ffd4c4a.zip.bac_a02232 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-10015c94-3e236155.zip.bac_a02232/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-10015c94-3e236155.zip.bac_a02232/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-10015c94-3e236155.zip.bac_a02232 ZIP: infected - 2 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-10015c94-3e236155.zip.bac_a02232 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-4620c11e-52bb41cd.zip.bac_a02232/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-4620c11e-52bb41cd.zip.bac_a02232/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-4620c11e-52bb41cd.zip.bac_a02232 ZIP: infected - 2 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\java.jar-4620c11e-52bb41cd.zip.bac_a02232 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv588.jar-5bd12327-2a9b5baf.zip.bac_a02232/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv588.jar-5bd12327-2a9b5baf.zip.bac_a02232/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv588.jar-5bd12327-2a9b5baf.zip.bac_a02232/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv588.jar-5bd12327-2a9b5baf.zip.bac_a02232 ZIP: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv588.jar-5bd12327-2a9b5baf.zip.bac_a02232 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv596.jar-5d69ccc4-1145a5d0.zip.bac_a02232/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv596.jar-5d69ccc4-1145a5d0.zip.bac_a02232/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv596.jar-5d69ccc4-1145a5d0.zip.bac_a02232/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv596.jar-5d69ccc4-1145a5d0.zip.bac_a02232 ZIP: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv596.jar-5d69ccc4-1145a5d0.zip.bac_a02232 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv599.jar-5d941347-4a56de65.zip.bac_a02232/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv599.jar-5d941347-4a56de65.zip.bac_a02232/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv599.jar-5d941347-4a56de65.zip.bac_a02232/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv599.jar-5d941347-4a56de65.zip.bac_a02232 ZIP: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv599.jar-5d941347-4a56de65.zip.bac_a02232 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv612.jar-3a904993-6066fddf.zip.bac_a02232/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv612.jar-3a904993-6066fddf.zip.bac_a02232/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv612.jar-3a904993-6066fddf.zip.bac_a02232/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv612.jar-3a904993-6066fddf.zip.bac_a02232 ZIP: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\.housecall\Quarantine\loaderadv612.jar-3a904993-6066fddf.zip.bac_a02232 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\cert8.db Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\history.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\key3.db Object is locked skipped
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j766639t.default\parent.lock Object is locked skipped
C:\Documents and Settings\HP_Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix.zip ZIP: infected - 1 skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\j766639t.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\j766639t.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\j766639t.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\j766639t.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\History\History.IE5\MSHist012006110920061110\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\HP_Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\HP_Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped
C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.o skipped
C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.l skipped
C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.o skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP277\A0033878.exe Infected: not-a-virus:FraudTool.Win32.VirusBurst.a skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP281\A0034525.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.o skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP285\A0035200.dll Infected: not-virus:Hoax.Win32.Renos.ap skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP285\A0035206.exe Infected: Trojan-Downloader.Win32.Zlob.atx skipped
C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP287\change.log Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{3F8093F8-8DD4-4860-8D76-68A021C71DEB}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.