However, in it I also see references to MyWebSearch and Trymedia, for which there are no uninstall files, since I may have at one point deleted them directly from the system. How do I get rid of these? Does anything else in my log look suspicious? Also, under the Kaspersky log I am also posting the HijackThis log, but neither MyWebSearch nor Trymedia show up (MyWebSearch used to show up on it, but I supposedly "fixed" it with HijackThis)
------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 06, 2008 11:13:09 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 7/03/2008 Kaspersky Anti-Virus database records: 607190 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ Scan Statistics: Total number of scanned objects: 61196 Number of viruses found: 21 Number of infected objects: 80 Number of suspicious objects: 0 Duration of the scan process: 02:02:17 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\Alex\Application Data\Ilium Software\ListPro\ListProAlarms.adb Object is locked skipped C:\Documents and Settings\Alex\Application Data\ispnews\ispn.ini Object is locked skipped C:\Documents and Settings\Alex\Application Data\ispnews\ispnc.items Object is locked skipped C:\Documents and Settings\Alex\Application Data\ispnews\ispnr.items Object is locked skipped C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\cert8.db Object is locked skipped C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\formhistory.dat Object is locked skipped C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\history.dat Object is locked skipped C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\key3.db Object is locked skipped C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\parent.lock Object is locked skipped C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\search.sqlite Object is locked skipped C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\Alex\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Alex\Desktop\SkoachCoach.exe/file2 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Alex\Desktop\SkoachCoach.exe Inno: infected - 1 skipped C:\Documents and Settings\Alex\Desktop\SkoachConnect.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Alex\Desktop\SkoachConnect.exe 7-Zip: infected - 1 skipped C:\Documents and Settings\Alex\Desktop\SkoachConnect.exe UPX: infected - 1 skipped C:\Documents and Settings\Alex\Desktop\turo-connect.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\Documents and Settings\Alex\Desktop\turo-connect.exe 7-Zip: infected - 1 skipped C:\Documents and Settings\Alex\Desktop\turo-connect.exe UPX: infected - 1 skipped C:\Documents and Settings\Alex\Desktop\UltraVNC-102-Setup.exe/file04 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\Documents and Settings\Alex\Desktop\UltraVNC-102-Setup.exe/file05 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\Documents and Settings\Alex\Desktop\UltraVNC-102-Setup.exe/file34 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped C:\Documents and Settings\Alex\Desktop\UltraVNC-102-Setup.exe Inno: infected - 3 skipped C:\Documents and Settings\Alex\Desktop\vnc-4_1_1-x86_win32.exe/file1 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped C:\Documents and Settings\Alex\Desktop\vnc-4_1_1-x86_win32.exe/file3 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\Documents and Settings\Alex\Desktop\vnc-4_1_1-x86_win32.exe Inno: infected - 2 skipped C:\Documents and Settings\Alex\Desktop\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Alex\Local Settings\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Alex\Local Settings\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Alex\Local Settings\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Alex\Local Settings\Application Data\Mozilla\Firefox\Profiles\lt1jxpv3.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Alex\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Alex\ntuser.dat Object is locked skipped C:\Documents and Settings\Alex\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Alex\Yugma\lib\DskHooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1370 skipped C:\Documents and Settings\Alex\Yugma\lib\YugmaPlugin.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1360 skipped C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output\Alex\~Running.ping Object is locked skipped C:\Documents and Settings\All Users\Application Data\F-Secure\logs\FSMA\fsma.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\827568A28AD44457A81ABC08309D7D62\lib\DskHooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1370 skipped C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\827568A28AD44457A81ABC08309D7D62\lib\YugmaPlugin.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1360 skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Blue Coat K9 Web Protection\cwmlog.txt Object is locked skipped C:\Program Files\Blue Coat K9 Web Protection\urls.log Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\dbupdate.log Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\deleteme_msg.log Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsqh.exe.Qrt.log Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\perf.dat Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\power.dat Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Common\policy.bpf Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Common\policy.ipf Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsaua.dbg Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsaua.log Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsbwupst.log Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\Stlst\StatListDb.dat Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\FSPC\csdk\Stlst\StatListDb.idx Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\FSPC\logs\fspcwld.dat Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\FSPC\logs\fspcwli.dat Object is locked skipped C:\Program Files\Charter High-Speed Security Suite\Spam Control\log\fs_sa_log.txt Object is locked skipped C:\Program Files\UltraVNC\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\Program Files\UltraVNC\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1102 skipped C:\Program Files\UltraVNC\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070642.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070643.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070644.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.f skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070645.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.z skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070646.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070647.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070648.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP227\A0070652.exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP230\A0070999.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071127.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071128.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.v skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071129.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071130.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071131.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071132.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071133.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071134.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071135.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071137.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071138.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071139.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ab skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071140.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071141.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071142.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP232\A0071143.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP266\A0078020.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP266\A0078022.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP281\A0081266.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP281\A0081266.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP281\A0081266.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081373.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081373.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081373.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081374.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081374.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081374.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081375.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081375.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081375.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081378.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081378.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081378.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081381.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081381.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081381.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081383.exe/file2 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081383.exe Inno: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081385.exe/file2 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081385.exe Inno: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081386.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081386.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081386.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081388.exe/vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081388.exe 7-Zip: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP284\A0081388.exe UPX: infected - 1 skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP294\A0084001.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP294\A0084002.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP305\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\AVP7D5D.tmp Object is locked skipped C:\WINDOWS\Temp\AVP7D5E.tmp Object is locked skipped C:\WINDOWS\Temp\AVP7D61.tmp Object is locked skipped C:\WINDOWS\Temp\AVP7D62.tmp Object is locked skipped C:\WINDOWS\Temp\hsperfdata_SYSTEM\5964 Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_50c.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:41:08 PM, on 3/6/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ACS.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE C:\WINDOWS\system32\svchost.exe c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE C:\Program Files\Charter High-Speed Security Suite\Common\FCH32.EXE C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe C:\Program Files\Charter High-Speed Security Suite\Common\FAMEH32.EXE C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsqh.exe C:\Program Files\Charter High-Speed Security Suite\FSPC\fspc.exe C:\Program Files\DynDNS Updater\DynDNS.exe C:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsaua.exe C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe C:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsus.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe C:\Program Files\eFax Messenger 4.3\J2GTray.exe C:\Program Files\Ilium Software\ListPro\ListProAlarms.exe C:\Program Files\Charter High-Speed Security Suite\FSGUI\fsguidll.exe C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [LXDBCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDBtime.dll,_RunDLLEntry@16 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support2.charter.com/sdccommon/download/tgctlcm.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - C:\Program Files\DynDNS Updater\DynDNS.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE O23 - Service: lxdb_device - - C:\WINDOWS\system32\lxdbcoms.exe O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe O23 - Service: Blue Coat K9 Web Protection (WebFilter) - Unknown owner - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- End of file - 7371 bytes