I thank you for the quick reply.
Here is my log from deckards
Deckard's System Scanner v20071014.68
Run by Darrin on 2008-06-03 17:56:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Darrin.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:57:17 PM, on 6/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
F:\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Documents and Settings\Darrin\Desktop\dss.exe
F:\Darrin.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://windowsupdate.microsoft.com/F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {27495A37-8BCD-4998-9D4D-6D16EA08DBAA} - C:\WINDOWS\system32\rqRIxwxV.dll (file missing)
O2 - BHO: (no name) - {2CA67310-5655-4921-A559-3C458441E3DF} - C:\WINDOWS\system32\xxyayAtu.dll (file missing)
O2 - BHO: (no name) - {4EBEF150-1106-48C2-8E3D-F11AEE7AA178} - C:\WINDOWS\system32\tuvTKayX.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: StFlex IE Helper - {8334A30C-49E5-489a-B63D-5B927C1EF46E} - C:\Program Files\QdrDrive\QdrDrive15.dll (file missing)
O2 - BHO: (no name) - {B1BE9075-C0AB-4DB8-9D88-47E2B9A1B68E} - C:\WINDOWS\system32\opnonNHW.dll (file missing)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: {9ea45c95-b6a4-dbd9-2e34-6cd9b9a321be} - {eb123a9b-9dc6-43e2-9dbd-4a6b59c54ae9} - C:\WINDOWS\system32\xkfbmylj.dll (file missing)
O2 - BHO: (no name) - {EB8C4F8E-A738-F5E8-1797-D08F725B7896} - C:\WINDOWS\system32\bfqrwmm.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {F43F2AD2-8EC5-42E6-A424-F1442BC08182} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "F:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "F:\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [bmjwnsdg] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\bmjwnsdg.dll"
O4 - HKLM\..\Run: [dolctohy] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\dolctohy.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [MICROS~1] "C:\WINDOWS\Mircosoft Network.exe"
O4 - HKCU\..\Run: [Zvgre] "C:\Documents and Settings\Darrin\My Documents\W?nSxS\m?iexec.exe"
O4 - HKCU\..\Run: [pywxxenx] C:\WINDOWS\system32\dwvejmju.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [areslite] "C:\Program Files\Ares Lite Edition\AresLite.exe" -h
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace....ploader1006.cabO16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -
http://fubar.com/img...geUploader5.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1188071570782O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.mi...b?1188071526858O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) -
http://www.fubar.com...geUploader4.cabO16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -
http://zone.msn.com/...mjolauncher.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn...ro.cab56649.cabO16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) -
http://zone.msn.com/...sh.1.0.0.94.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: khfEUoOi - khfEUoOi.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - F:\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
--
End of file - 7742 bytes
-- Files created between 2008-05-03 and 2008-06-03 -----------------------------
2008-06-03 17:53:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-03 17:53:36 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-06-03 17:53:35 0 d-------- C:\WINDOWS\LastGood
2008-05-20 18:17:52 68096 --a------ C:\WINDOWS\zip.exe
2008-05-20 18:17:52 49152 --a------ C:\WINDOWS\VFind.exe
2008-05-20 18:17:52 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-05-20 18:17:52 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-05-20 18:17:52 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-05-20 18:17:52 98816 --a------ C:\WINDOWS\sed.exe
2008-05-20 18:17:52 80412 --a------ C:\WINDOWS\grep.exe
2008-05-20 18:17:52 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-05-20 18:17:44 388608 --a------ C:\WINDOWS\system32\CF24637.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-20 18:07:54 388608 --a------ C:\WINDOWS\system32\CF22714.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-20 17:56:20 0 d-------- C:\Documents and Settings\Darrin\Application Data\Uniblue
2008-05-18 22:56:44 0 d-------- C:\Program Files\Jnes 0.6
2008-05-18 16:48:25 0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-05-18 16:48:11 0 d-------- C:\Program Files\Webroot
2008-05-18 16:48:11 0 d-------- C:\Documents and Settings\Darrin\Application Data\Webroot
2008-05-18 16:48:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-05-18 13:55:51 98880 --a------ C:\WINDOWS\system32\ferwtmdb.dll
2008-05-18 13:51:25 90272 --a------ C:\WINDOWS\system32\mkdfvcue.dll
2008-05-18 13:43:50 0 d-------- C:\WINDOWS\system32\W?nSxS
-- Find3M Report ---------------------------------------------------------------
2008-05-23 16:15:52 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-20 18:04:42 0 d-------- C:\Program Files\Common Files
2008-05-20 06:55:25 0 d-------- C:\Program Files\Java
2008-05-19 22:15:06 0 d-------- C:\Program Files\Movie Maker
2008-05-12 19:51:07 0 d-------- C:\Documents and Settings\Darrin\Application Data\Image Zone Express
2008-05-12 09:15:37 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-12 09:13:22 0 d-------- C:\Documents and Settings\Darrin\Application Data\AdobeUM
2008-05-02 21:19:31 0 d-------- C:\Program Files\DivX
2008-05-02 21:19:31 0 d-------- C:\Program Files\DiscWizard for Windows
2008-05-02 21:19:30 0 d-------- C:\Program Files\BitLord
2008-05-02 21:19:29 0 d-------- C:\Program Files\AVI DivX MPEG to DVD Converter & Burner Pro
2008-05-02 21:19:29 0 d-------- C:\Program Files\All Video to VCD SVCD DVD Creator & Burner
2008-05-02 21:19:29 0 d-------- C:\Program Files\AIM
2008-05-02 21:19:28 0 d-------- C:\Program Files\Messenger
2008-04-25 22:36:03 0 d-------- C:\Program Files\PokerStars
2008-04-19 17:47:00 406731 --ahs---- C:\WINDOWS\system32\XyaKTvut.ini2
2008-04-19 17:16:45 14848 --a------ C:\Xmmo.exe
2008-04-13 18:08:17 270093 --ahs---- C:\WINDOWS\system32\LkRqAcdd.ini2
2008-04-13 15:25:30 24576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service>
2008-04-13 12:55:21 0 d-------- C:\Program Files\Common Files\??pPatch
2008-04-08 06:52:38 0 d-------- C:\Documents and Settings\Darrin\Application Data\Malwarebytes
2008-04-07 12:11:44 164 --a------ C:\install.dat
2008-04-06 15:31:19 0 d-------- C:\Program Files\SUPERAntiSpyware
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27495A37-8BCD-4998-9D4D-6D16EA08DBAA}]
C:\WINDOWS\system32\rqRIxwxV.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CA67310-5655-4921-A559-3C458441E3DF}]
C:\WINDOWS\system32\xxyayAtu.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4EBEF150-1106-48C2-8E3D-F11AEE7AA178}]
C:\WINDOWS\system32\tuvTKayX.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8334A30C-49E5-489a-B63D-5B927C1EF46E}]
C:\Program Files\QdrDrive\QdrDrive15.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B1BE9075-C0AB-4DB8-9D88-47E2B9A1B68E}]
C:\WINDOWS\system32\opnonNHW.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{eb123a9b-9dc6-43e2-9dbd-4a6b59c54ae9}]
C:\WINDOWS\system32\xkfbmylj.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EB8C4F8E-A738-F5E8-1797-D08F725B7896}]
C:\WINDOWS\system32\bfqrwmm.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="F:\qttask.exe" [02/16/2007 10:54 AM]
"NvCplDaemon"="RUNDLL32.exe" [08/04/2004 02:56 AM C:\WINDOWS\system32\rundll32.exe]
"!AVG Anti-Spyware"="F:\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 04:25 AM]
"bmjwnsdg"="regsvr32 /u C:\Documents and Settings\All Users\Application Data\bmjwnsdg.dll" []
"dolctohy"="regsvr32 /u C:\Documents and Settings\All Users\Application Data\dolctohy.dll" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [01/04/2008 08:56 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreeRAM XP"="C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" []
"MICROS~1"="C:\WINDOWS\Mircosoft Network.exe" []
"Zvgre"="C:\Documents and Settings\Darrin\My Documents\W?nSxS\m?iexec.exe" []
"pywxxenx"="C:\WINDOWS\system32\dwvejmju.exe" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"areslite"="C:\Program Files\Ares Lite Edition\AresLite.exe" []
"AIM"="C:\Program Files\AIM\aim.exe" [04/27/2004 05:18 PM]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []
C:\Documents and Settings\Darrin\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [7/9/2004 5:53:35 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [7/9/2004 5:53:35 AM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 3:38:16 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableTaskMgr"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableTaskMgr"=1 (0x1)
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 02:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 02:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfEUoOi]
khfEUoOi.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= :\WINDOWS\system3
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msaps, schannel.dll, digest.dll, msns,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc
*Newly Created Service* - SYSMONLOG
-- End of Deckard's System Scanner: finished at 2008-06-03 17:58:09 ------------
My report from Kaspersky
KASPERSKY ONLINE SCANNER REPORT
Tuesday, June 03, 2008 9:12:51 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 3/06/2008
Kaspersky Anti-Virus database records: 826890
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
Scan Statistics
Total number of scanned objects 111248
Number of viruses found 29
Number of infected objects 113
Number of suspicious objects 1
Duration of the scan process 02:29:41
Infected Object Name Virus Name Last Action
C:\6AA.tmp Infected: Trojan-Downloader.Win32.Small.gvr skipped
C:\Documents and Settings\Darrin\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.35968 Infected: Trojan-Downloader.Win32.PurityScan.gb skipped
C:\Documents and Settings\Darrin\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.50664 Infected: Trojan-Downloader.Win32.PurityScan.gb skipped
C:\Documents and Settings\Darrin\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.79741 Infected: Trojan-Downloader.Win32.PurityScan.gb skipped
C:\Documents and Settings\Darrin\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.81030 Infected: Trojan-Clicker.Win32.Agent.tg skipped
C:\Documents and Settings\Darrin\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.85856 Infected: Trojan-Clicker.Win32.Agent.tg skipped
C:\Documents and Settings\Darrin\areslite181.exe/data0016/NHInstall.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
C:\Documents and Settings\Darrin\areslite181.exe/data0016/v2.0.2.cab/NHUninstaller.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
C:\Documents and Settings\Darrin\areslite181.exe/data0016/v2.0.2.cab/NHelper.dll Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
C:\Documents and Settings\Darrin\areslite181.exe/data0016/v2.0.2.cab/NHUpdater.exe Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
C:\Documents and Settings\Darrin\areslite181.exe/data0016/v2.0.2.cab Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
C:\Documents and Settings\Darrin\areslite181.exe/data0016 Infected: not-a-virus:AdWare.Win32.NavExcel.b skipped
C:\Documents and Settings\Darrin\areslite181.exe NSIS: infected - 6 skipped
C:\Documents and Settings\Darrin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Darrin\Incomplete\T-5745425-opie and anthony 8 track porn.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Documents and Settings\Darrin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Darrin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Darrin\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Darrin\Local Settings\History\History.IE5\MSHist012008060320080604\index.dat Object is locked skipped
C:\Documents and Settings\Darrin\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Darrin\ntuser.dat Object is locked skipped
C:\Documents and Settings\Darrin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Norton AntiVirus\Quarantine\0B5B1826.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\0DA5000D.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton AntiVirus\Quarantine\10137AC8 Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton AntiVirus\Quarantine\10751189.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\10751189.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\10751189.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton AntiVirus\Quarantine\10751189.zip ZIP: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\10751189.zip CryptFF: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\13D11C46 Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton AntiVirus\Quarantine\198C4BB4.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\198C4BB4.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\198C4BB4.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\198C4BB4.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton AntiVirus\Quarantine\198C4BB4.zip ZIP: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\198C4BB4.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\198F75B1.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\199649A9.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\199973A6.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\19A0479F.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\1F821EF3 Infected: P2P-Worm.Win32.SdDrop.e skipped
C:\Program Files\Norton AntiVirus\Quarantine\21FD6B62.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\21FD6B62.zip ZIP: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\21FD6B62.zip CryptFF: infected - 1 skipped
C:\Program Files\Norton AntiVirus\Quarantine\2B534DDC Infected: Trojan.Win32.StartPage.ta skipped
C:\Program Files\Norton AntiVirus\Quarantine\2E0E0EBC Infected: Trojan-Dropper.Win32.Delf.z skipped
C:\Program Files\Norton AntiVirus\Quarantine\3055057A Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\30592F77 Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton AntiVirus\Quarantine\396D0258 Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton AntiVirus\Quarantine\3D4C6C7B.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Program Files\Norton AntiVirus\Quarantine\45463843.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton AntiVirus\Quarantine\45496240.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton AntiVirus\Quarantine\4A4B1CC9 Infected: Trojan.Java.ClassLoader.u skipped
C:\Program Files\Norton AntiVirus\Quarantine\4CDE7E3D.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\4CDE7E3D.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\4CDE7E3D.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton AntiVirus\Quarantine\4CDE7E3D.zip ZIP: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\4CDE7E3D.zip CryptFF: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\4D0C08B9.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\4D0C08B9.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\4D0C08B9.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton AntiVirus\Quarantine\4D0C08B9.zip ZIP: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\4D0C08B9.zip CryptFF: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\5AC26723 Infected: Trojan-Clicker.Win32.VB.cn skipped
C:\Program Files\Norton AntiVirus\Quarantine\64905EBA.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\64905EBA.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\64905EBA.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\64905EBA.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\64905EBA.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton AntiVirus\Quarantine\64905EBA.zip ZIP: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\64905EBA.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\649632B3.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\649A5CAF.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\66AD38FD.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\66AD38FD.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\66AD38FD.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton AntiVirus\Quarantine\66AD38FD.zip ZIP: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\66AD38FD.zip CryptFF: infected - 3 skipped
C:\Program Files\Norton AntiVirus\Quarantine\6CFC7E5B.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\6CFC7E5B.htm Suspicious: Exploit.HTML.Mht skipped
C:\Program Files\Norton AntiVirus\Quarantine\756243F0.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\756243F0.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\756243F0.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\756243F0.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton AntiVirus\Quarantine\756243F0.zip ZIP: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\756243F0.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton AntiVirus\Quarantine\75666DED.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton AntiVirus\Quarantine\756917E9.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton AntiVirus\Quarantine\756C41E6.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton AntiVirus\Quarantine\777B78CE Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton AntiVirus\Quarantine\797E530C Infected: Trojan.Java.Femad skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\000080.exe.vir/data0002 Infected: Trojan-Downloader.Win32.PurityScan.gb skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\000080.exe.vir NSIS: infected - 1 skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\frlvqgnv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.mvn skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\tuvUNdby.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.mhf skipped
C:\qoobox\Quarantine\catchme2008-04-06_132759.84.zip/Documents and Settings/Darrin/Desktop/catchme.zip/cbXNDVOG.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.mxi skipped
C:\qoobox\Quarantine\catchme2008-04-06_132759.84.zip/Documents and Settings/Darrin/Desktop/catchme.zip Infected: not-a-virus:AdWare.Win32.Virtumonde.mxi skipped
C:\qoobox\Quarantine\catchme2008-04-06_132759.84.zip ZIP: infected - 2 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{390019C1-01FC-4670-8A4D-504BE0988D2E}\RP237\change.log Object is locked skipped
C:\VundoFix Backups\jvdfglog.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\VundoFix Backups\lmfuttbc.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\VundoFix Backups\nwvirpes.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\VundoFix Backups\opnonNHW.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.mxi skipped
C:\VundoFix Backups\ouswquex.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.mvn skipped
C:\VundoFix Backups\qoebilfx.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\VundoFix Backups\rqRIaXRK.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.mhf skipped
C:\VundoFix Backups\tuvUNdby.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.mhf skipped
C:\VundoFix Backups\usinlmnq.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\VundoFix Backups\xgaxywyy.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\VundoFix Backups\yfanpmfn.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\VundoFix Backups\yoqisvye.dll.bad Infected: Trojan.Win32.Monder.gen skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{6DB050AE-983B-4F67-9A93-C2F2EBB1920F}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\LD247.tmp/stream/data0001 Infected: not-a-virus:AdWare.Win32.AdBand.q skipped
C:\WINDOWS\system32\LD247.tmp/stream/data0002 Infected: not-a-virus:AdWare.Win32.Agent.bgv skipped
C:\WINDOWS\system32\LD247.tmp/stream/data0004 Infected: not-a-virus:AdWare.Win32.Agent.aev skipped
C:\WINDOWS\system32\LD247.tmp/stream Infected: not-a-virus:AdWare.Win32.Agent.aev skipped
C:\WINDOWS\system32\LD247.tmp NSIS: infected - 4 skipped
C:\WINDOWS\system32\LD598.tmp/stream/data0001 Infected: not-a-virus:AdWare.Win32.AdBand.q skipped
C:\WINDOWS\system32\LD598.tmp/stream/data0002 Infected: not-a-virus:AdWare.Win32.Agent.bgv skipped
C:\WINDOWS\system32\LD598.tmp/stream/data0004 Infected: not-a-virus:AdWare.Win32.Agent.aev skipped
C:\WINDOWS\system32\LD598.tmp/stream Infected: not-a-virus:AdWare.Win32.Agent.aev skipped
C:\WINDOWS\system32\LD598.tmp NSIS: infected - 4 skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\MsDtc\MSDTC.LOG Object is locked skipped
C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\Xmmo.exe Infected: Trojan-Downloader.Win32.Small.uww skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\_restore{390019C1-01FC-4670-8A4D-504BE0988D2E}\RP237\change.log Object is locked skipped
Scan process completed.
again thanks for helping me ive been battling this for weeks
This topic is locked
Sign In
Create Account
