I am really having problems from Pop Ups to not being able to surf the web.
I have run all different Virus and adware removel tools, no luck.
I have logs from ComboFix, TrendMIrco HiJackThis and Kaspersky.
Please help me before I format my system.
ComboFix 08-06-20.4 - gzan 2008-06-22 19:06:06.2 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1665 [GMT -4:00]
Running from: C:\Documents and Settings\gzan\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINXP\BM8b055889.xml
C:\WINXP\pskt.ini
.
---- Previous Run -------
.
C:\WINXP\BM8b055889.xml
C:\WINXP\cookies.ini
C:\WINXP\pskt.ini
C:\WINXP\system32\accdd.ini
C:\WINXP\system32\accdd.ini2
C:\WINXP\system32\amtwwiwo.ini
C:\WINXP\system32\ayntkrob.dll
C:\WINXP\system32\bbJiknpo.ini
C:\WINXP\system32\bbJiknpo.ini2
C:\WINXP\system32\BdfOrtwa.ini
C:\WINXP\system32\BdfOrtwa.ini2
C:\WINXP\system32\biquyttt.dll
C:\WINXP\system32\bsxgkvot.dll
C:\WINXP\system32\cdvugwve.ini
C:\WINXP\system32\cijaelnx.ini
C:\WINXP\system32\cIllmUvw.ini
C:\WINXP\system32\cIllmUvw.ini2
C:\WINXP\system32\ckrvlqmk.dll
C:\WINXP\system32\cmrugvlv.dll
C:\WINXP\system32\deweywnf.ini
C:\WINXP\system32\dtrqhexs.ini
C:\WINXP\system32\dyhmxkrn.ini
C:\WINXP\system32\eaisswin.dll
C:\WINXP\system32\efhQtBeg.ini
C:\WINXP\system32\efhQtBeg.ini2
C:\WINXP\system32\egxwahsv.ini
C:\WINXP\system32\EOVDLkkj.ini
C:\WINXP\system32\EOVDLkkj.ini2
C:\WINXP\system32\fghtoewy.ini
C:\WINXP\system32\fMSsvyxx.ini
C:\WINXP\system32\fMSsvyxx.ini2
C:\WINXP\system32\fOrXbccf.ini
C:\WINXP\system32\fOrXbccf.ini2
C:\WINXP\system32\fxgurkow.dll
C:\WINXP\system32\gaidnrxm.dll
C:\WINXP\system32\GhQqWvut.ini
C:\WINXP\system32\GhQqWvut.ini2
C:\WINXP\system32\gsuhusmt.ini
C:\WINXP\system32\hgGvTLca.dll
C:\WINXP\system32\hvsnoqra.ini
C:\WINXP\system32\ihjnrtab.ini
C:\WINXP\system32\iifgHwwt.dll
C:\WINXP\system32\ilVvyyxx.ini
C:\WINXP\system32\ilVvyyxx.ini2
C:\WINXP\system32\jklkmUvw.ini
C:\WINXP\system32\jklkmUvw.ini2
C:\WINXP\system32\jolwfnut.ini
C:\WINXP\system32\jviwvfyt.dll
C:\WINXP\system32\jyqqbsep.ini
C:\WINXP\system32\klicpvvk.ini
C:\WINXP\system32\lgluaxbr.dll
C:\WINXP\system32\mcfmhkbb.ini
C:\WINXP\system32\mcrh.tmp
C:\WINXP\system32\mmllm.ini2
C:\WINXP\system32\mtxdsmgt.ini
C:\WINXP\system32\mVEdLRqr.ini
C:\WINXP\system32\mVEdLRqr.ini2
C:\WINXP\system32\mxrndiag.ini
C:\WINXP\system32\nmyvabla.dll
C:\WINXP\system32\nqpmjivs.dll
C:\WINXP\system32\owiwwtma.dll
C:\WINXP\system32\pesbqqyj.dll
C:\WINXP\system32\porqBcfe.ini
C:\WINXP\system32\porqBcfe.ini2
C:\WINXP\system32\psvxyyxx.ini
C:\WINXP\system32\psvxyyxx.ini2
C:\WINXP\system32\pXaHNqss.ini
C:\WINXP\system32\pXaHNqss.ini2
C:\WINXP\system32\qabnlfne.dll
C:\WINXP\system32\qtvwa.ini2
C:\WINXP\system32\rbxaulgl.ini
C:\WINXP\system32\sdqtwwmp.ini
C:\WINXP\system32\sxehqrtd.dll
C:\WINXP\system32\tmsuhusg.dll
C:\WINXP\system32\tovkgxsb.ini
C:\WINXP\system32\tuwxxyay.ini
C:\WINXP\system32\tuwxxyay.ini2
C:\WINXP\system32\twwHgfii.ini
C:\WINXP\system32\twwHgfii.ini2
C:\WINXP\system32\uxwEOqru.ini
C:\WINXP\system32\uxwEOqru.ini2
C:\WINXP\system32\vcbnfhhs.dll
C:\WINXP\system32\vDdMUvut.ini
C:\WINXP\system32\vDdMUvut.ini2
C:\WINXP\system32\vEdKlUtv.ini
C:\WINXP\system32\vEdKlUtv.ini2
C:\WINXP\system32\vGgjQqss.ini
C:\WINXP\system32\vGgjQqss.ini2
C:\WINXP\system32\vlvgurmc.ini
C:\WINXP\system32\vtnbmqko.ini
C:\WINXP\system32\wjfowuqs.dll
C:\WINXP\system32\wqjqosdt.dll
C:\WINXP\system32\wwogqjql.ini
C:\WINXP\system32\xpujrrcd.ini
C:\WINXP\system32\XxxEgfii.ini
C:\WINXP\system32\XxxEgfii.ini2
C:\WINXP\system32\ycaoamsr.ini
C:\WINXP\system32\yFNooUtv.ini
C:\WINXP\system32\yFNooUtv.ini2
C:\WINXP\system32\yweothgf.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
((((((((((((((((((((((((( Files Created from 2008-05-22 to 2008-06-22 )))))))))))))))))))))))))))))))
.
2008-06-22 18:53 . 2008-06-13 09:10 272,128 --------- C:\WINXP\system32\dllcache\bthport.sys
2008-06-22 18:52 . 2008-06-22 18:52 <DIR> d-------- C:\WINXP\LastGood
2008-06-22 17:53 . 2008-06-22 17:53 <DIR> d-------- C:\VundoFix Backups
2008-06-22 17:13 . 2008-06-22 17:17 <DIR> d-------- C:\Documents and Settings\gzan\Application Data\Uniblue
2008-06-22 14:16 . 2008-06-22 14:16 80,384 --a------ C:\WINXP\system32\vshawxge.dll
2008-06-22 14:13 . 2008-06-22 14:13 99,328 --a------ C:\WINXP\system32\xoelflpm.dll
2008-06-22 14:10 . 2008-06-22 14:10 90,624 --a------ C:\WINXP\system32\ohkwwmkc.dll
2008-06-22 09:32 . 2008-06-22 09:32 80,384 --a------ C:\WINXP\system32\evwguvdc.dll
2008-06-22 09:29 . 2008-06-22 09:29 99,328 --a------ C:\WINXP\system32\xonupcvt.dll
2008-06-22 09:26 . 2008-06-22 09:26 90,624 --a------ C:\WINXP\system32\skifmikl.dll
2008-06-21 10:53 . 2008-06-21 10:53 81,408 --a------ C:\WINXP\system32\okqmbntv.dll
2008-06-21 10:51 . 2008-06-21 10:51 99,328 --a------ C:\WINXP\system32\kfmoggcs.dll
2008-06-21 10:51 . 2008-06-21 10:51 90,112 --a------ C:\WINXP\system32\kdktrssw.dll
2008-06-20 18:05 . 2008-06-20 18:05 99,328 --a------ C:\WINXP\system32\vrldfhsu.dll
2008-06-20 18:02 . 2008-06-20 18:02 90,624 --a------ C:\WINXP\system32\xfgfujyd.dll
2008-06-20 18:02 . 2008-06-20 18:02 79,872 --a------ C:\WINXP\system32\lqjqgoww.dll
2008-06-16 01:18 . 2008-06-16 01:18 <DIR> d--hs---- C:\$RECYCLE.BIN
2008-06-11 15:38 . 2008-06-11 15:40 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Lavasoft
2008-06-10 12:48 . 2007-10-15 19:39 102,664 --a------ C:\WINXP\system32\drivers\tmcomm.sys
2008-06-07 00:07 . 2008-06-07 00:07 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-07 00:07 . 2008-06-07 00:07 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Apple Computer
2008-06-07 00:07 . 2008-06-07 00:07 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Apple
2008-05-24 17:28 . 2008-05-24 17:28 <DIR> d-------- C:\Documents and Settings\gzan\Application Data\acccore
2008-05-24 17:26 . 2008-05-24 17:26 <DIR> d-------- C:\Documents and Settings\gzan\Application Data\Viewpoint
2008-05-24 17:26 . 2008-05-24 17:26 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Viewpoint
2008-05-24 17:25 . 2008-05-24 17:25 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\AOL OCP
2008-05-24 17:25 . 2008-05-24 17:25 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\AOL
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-22 23:01 --------- d-----w C:\Program Files\Symantec AntiVirus 10
2008-06-22 22:57 --------- d-----w C:\Documents and Settings\gzan\Application Data\DNA
2008-06-22 02:59 --------- d-----w C:\Program Files\WinstonPoker
2008-06-22 02:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-22 02:37 --------- d-----w C:\Program Files\Coupons
2008-06-16 07:18 --------- d-----w C:\Program Files\Common Files\Media
2008-06-13 13:10 272,128 ----a-w C:\WINXP\system32\drivers\bthport.sys
2008-06-11 19:39 --------- d-----w C:\Program Files\Lavasoft
2008-06-11 19:39 --------- d-----w C:\Documents and Settings\gzan\Application Data\Lavasoft
2008-06-07 22:34 --------- d-----w C:\Documents and Settings\gzan\Application Data\BitTorrent
2008-06-07 19:55 --------- d-----w C:\Documents and Settings\gzan\Application Data\LimeWire
2008-06-07 15:09 --------- d-----w C:\Program Files\Games
2008-06-07 04:08 --------- d-----w C:\Program Files\QuickTime
2008-05-24 21:26 --------- d-----w C:\Program Files\Viewpoint
2008-05-24 21:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-05-16 15:58 12,632 ----a-w C:\WINXP\system32\lsdelete.exe
2008-05-13 18:03 98,304 ----a-w C:\WINXP\DUMP5bfa.tmp
2008-05-11 13:11 --------- d-----w C:\Documents and Settings\gzan\Application Data\AdobeUM
2008-05-10 16:38 98,304 ----a-w C:\WINXP\DUMP5b7d.tmp
2008-05-08 15:03 98,304 ----a-w C:\WINXP\DUMP6282.tmp
2008-05-08 12:28 202,752 ----a-w C:\WINXP\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINXP\system32\dllcache\rmcast.sys
2008-05-07 11:20 98,304 ----a-w C:\WINXP\DUMP6503.tmp
2008-05-07 05:18 1,287,680 ----a-w C:\WINXP\system32\quartz.dll
2008-05-07 05:18 1,287,680 ------w C:\WINXP\system32\dllcache\quartz.dll
2008-05-04 17:54 --------- d-----w C:\Program Files\Lexmark 3100 Series
2008-05-03 01:27 --------- d-----w C:\Documents and Settings\gzan\Application Data\GoodSync
2008-04-29 15:20 15,648 ----a-w C:\WINXP\system32\drivers\NSDriver.sys
2008-04-29 15:19 15,648 ----a-w C:\WINXP\system32\drivers\Awrtrd.sys
2008-04-29 15:19 12,960 ----a-w C:\WINXP\system32\drivers\Awrtpd.sys
2008-04-24 02:16 3,591,680 ----a-w C:\WINXP\system32\dllcache\mshtml.dll
2008-04-23 23:00 --------- d-----w C:\Documents and Settings\All Users.WINXP\Application Data\GamesForOne
2008-04-22 07:40 625,664 ------w C:\WINXP\system32\dllcache\iexplore.exe
2008-04-22 07:39 70,656 ------w C:\WINXP\system32\dllcache\ie4uinit.exe
2008-04-22 07:39 13,824 ------w C:\WINXP\system32\dllcache\ieudinit.exe
2008-04-20 05:07 161,792 ----a-w C:\WINXP\system32\dllcache\ieakui.dll
2008-04-04 10:46 98,304 ----a-w C:\WINXP\DUMP61a8.tmp
2008-04-01 23:44 691,545 ----a-w C:\WINXP\unins000.exe
2008-03-27 08:12 151,583 ----a-w C:\WINXP\system32\msjint40.dll
2008-03-27 08:12 151,583 ------w C:\WINXP\system32\dllcache\msjint40.dll
2007-09-27 21:01 630,784 ----a-w C:\Documents and Settings\gzan\GoToAssist_chat2way__317_en.exe
2005-01-05 02:24 45,984 ----a-w C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2004-04-15 23:03 450,560 ----a-w C:\Documents and Settings\Administrator\chatlnk.exe
2002-10-13 02:00 271 --sha-w C:\Program Files\desktop.ini
2002-10-13 02:00 21,952 ---ha-w C:\Program Files\folder.htt
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A946CA43-D5C4-485B-813E-7EEC73A0183C}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINXP\system32\ctfmon.exe" [2004-08-04 03:56 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 14:39 1289000]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-09 18:02 289088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINXP\system32\NvCpl.dll" [2006-03-09 15:29 7561216]
"nwiz"="nwiz.exe" [2006-03-09 15:29 1519616 C:\WINXP\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 61952 C:\WINXP\system32\HdAShCut.exe]
"nTrayFw"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-07-29 18:25 270336]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-06-02 10:21 48752]
"vptray"="C:\PROGRA~1\SYMANT~2\VPTray.exe" [2005-06-23 20:27 85696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 10:57 133016]
"NvMediaCenter"="NvMCTray.dll" [2006-03-09 15:29 86016 C:\WINXP\system32\nvmctray.dll]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-19 15:52 15797248 C:\WINXP\RTHDCPL.exe]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" [2007-11-15 22:51 166304]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2008-03-14 11:41 498176]
"TMRUBottedTray"="C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe" [2007-12-19 00:18 288088]
"LXBRKsk"="C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe" [2003-06-13 10:57 294912]
"Lexmark 3100 Series"="C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-03 22:33 106496]
"BM8b055889"="C:\WINXP\system32\kdktrssw.dll" [2008-06-21 10:51 90112]
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2004-07-30 19:24:08 225280]
PowerReg Scheduler.exe [2004-07-14 19:03:34 256000]
C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\Startup\
PC Alert 4.lnk - C:\Program Files\MSI\PC Alert 4\PCAlert4.exe [2007-09-29 09:58:38 552960]
VPN Client.lnk - C:\WINXP\Installer\{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}\Icon3E5562ED7.ico [2006-01-01 15:13:40 6144]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VQC4"= VQ318DEC.dll
[HKLM\~\startupfolder\C:^Documents and Settings^gzan^Start Menu^Programs^Startup^Diskeeper 9 Professional Edition Registration.lnk]
path=C:\Documents and Settings\gzan\Start Menu\Programs\Startup\Diskeeper 9 Professional Edition Registration.lnk
backup=C:\WINXP\pss\Diskeeper 9 Professional Edition Registration.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM8b055889]
--a------ 2008-06-20 18:02 90624 C:\WINXP\system32\xfgfujyd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"NeroCheck"=C:\WINXP\system32\NeroCheck.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINXP\\system32\\mmc.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\Utils\\aim\\aim.exe"=
"C:\\Program Files\\Hummingbird\\Connectivity\\7.10\\Exceed\\exceed.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
R3 TMPassthruMP;TMPassthruMP;C:\WINXP\system32\DRIVERS\TMPassthru.sys [2007-11-27 22:51]
S2 lsass;Local Security Authority Subsystem Service;"C:\WINXP\scvhost.exe" []
S2 RUBotted;Trend Micro RUBotted Service;"C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe" [2007-12-19 00:18]
S2 SwsVpkt;Packet driver;C:\WINXP\system32\DRIVERS\SwsVpkt.sys [2006-05-20 15:58]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
S2 zumbus;Zune Bus Enumerator Driver;C:\WINXP\system32\DRIVERS\zumbus.sys [2007-11-15 22:38]
S2 ZuneBusEnum;Zune Bus Enumerator;c:\WINXP\system32\ZuneBusEnum.exe [2007-11-15 22:51]
S3 Cap7134;TVFM 503 WDM Video Capture;C:\WINXP\system32\DRIVERS\Cap7134.sys [2003-01-25 16:54]
S3 CV2K1;CommView Network Monitor;C:\WINXP\system32\DRIVERS\cv2k1.sys [2006-01-17 21:33]
S3 DCamUSBLTN;M318B Digital Video Camera;C:\WINXP\system32\DRIVERS\vq318vid.sys [2002-04-22 09:28]
S3 TMPassthru;Trend Micro Passthru Ndis Service;C:\WINXP\system32\DRIVERS\TMPassthru.sys [2007-11-27 22:51]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;c:\WINXP\system32\ZuneWlanCfgSvc.exe [2007-11-15 22:51]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e0026c2-a0b8-11da-a475-00059a3c7800}]
\Shell\AutoRun\command - C:\WINXP\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL usbbackupclient.exe 192.168.1.30
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9bd923d-fcb7-11dc-b2ec-0013d3cc69ec}]
\Shell\AutoRun\command - H:\Launch.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-06-20 13:22:04 C:\WINXP\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-22 21:13:27 C:\WINXP\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-06-22 21:13:25 C:\WINXP\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-22 19:13:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-22 19:32:36
ComboFix-quarantined-files.txt 2008-06-22 23:32:34
Pre-Run: 43,842,696,192 bytes free
Post-Run: 43,821,925,376 bytes free
293 --- E O F --- 2008-06-22 23:01:11
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, June 23, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, June 23, 2008 01:57:29
Records in database: 880348
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
G:\
Y:\
Scan statistics:
Files scanned: 296329
Threat name: 77
Infected objects: 230
Suspicious objects: 2
Duration of the scan: 07:54:51
File name / Threat name / Threats count
C:\alldownloads\pkwin95\pk2602ad.exe Infected: not-a-virus:AdWare.Win32.TimeSink 1
C:\Documents and Settings\Administrator\.housecall\Quarantine\CpnMgr.dll.bac_a01952 Infected: not-a-virus:AdWare.Win32.CoolSavings.a 1
C:\Documents and Settings\Administrator\.housecall\Quarantine\disp1050.exe.bac_a01952 Infected: not-a-virus:AdWare.Win32.WebRebates.c 1
C:\Documents and Settings\Administrator\Desktop\appz\Bart\tbar.exe Infected: not-a-virus:AdWare.Win32.Dogpile.a 2
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\addressableSystems.dbx Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Infected: Email-Worm.Win32.Bagle.pac 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Infected: Email-Worm.Win32.Bagle.bo 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Suspicious: Trojan-Spy.HTML.Fraud.gen 2
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Infected: Email-Worm.Win32.Bagle.cs 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Inbox.dbx Infected: Trojan-Downloader.Win32.Bagle.e 1
C:\Documents and Settings\Administrator\My Documents\Cablevision workstuff\Voom\gponick\My Documents\zips\vnc_x86_win32.zip Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80000.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80002.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80004.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80006.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01180000\451AF5A3.VBN Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540000\47F40E1B.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540000\47F40E1C.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540000\47F40E1D.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540001\47F40E25.VBN Infected: Trojan-Downloader.Win32.Dyfuca.ei 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540002\47F40E27.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540003\47F40E7B.VBN Infected: Trojan-Downloader.Win32.IstBar.gen 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540004\47F40E7F.VBN Infected: not-a-virus:AdWare.Win32.Mirar.b 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540005\47F40E82.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540005\47F40E83.VBN Infected: not-a-virus:AdWare.Win32.Ucmore 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540005\47F40E84.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.g 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540006\47F42148.VBN Infected: Trojan-Downloader.Win32.IstBar.ir 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540008\47F422A8.VBN Infected: Trojan-Downloader.JS.IstBar.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540009\47F422B1.VBN Infected: Trojan-Clicker.JS.Linker.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000A\47F422BC.VBN Infected: Trojan-Downloader.Win32.VB.ov 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000C.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000D.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000E\47F422D3.VBN Infected: Trojan-Downloader.Win32.Adload.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000F\47F422DD.VBN Infected: Trojan-Downloader.JS.IstBar.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540010\47F422E6.VBN Infected: Trojan-Downloader.JS.Small.ag 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540011\47F422F0.VBN Infected: Trojan-Downloader.Win32.IstBar.or 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540012\47F4297C.VBN Infected: Backdoor.Win32.SdBot.alz 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540013\47F43889.VBN Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540014\47F43895.VBN Infected: Trojan-Downloader.Win32.TSUpdate.p 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540015\47F438A0.VBN Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540017\47F43AEA.VBN Infected: not-a-virus:AdTool.Win32.WhenU.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540018\47F43ED6.VBN Infected: not-a-virus:AdWare.Win32.Sud.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540019\47F43EEC.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001A\47F43EF8.VBN Infected: Trojan-Downloader.Win32.Qoologic.az 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001B\47F43F0A.VBN Infected: Trojan.Win32.Pakes 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001C\47F43F15.VBN Infected: Trojan-Downloader.Win32.Qoologic.bd 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001D\47F43FC1.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 2
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001D\47F43FC1.VBN Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001E\47F43FCC.VBN Infected: Trojan-Downloader.Win32.IstBar.or 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.n 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.p 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540020.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540021.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540022\47F43FE0.VBN Infected: not-a-virus:AdWare.Win32.Mirar.d 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540023\47F43FE9.VBN Infected: not-a-virus:AdWare.Win32.Mirar.d 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540024\47F43FF2.VBN Infected: not-a-virus:AdWare.Win32.Mirar.d 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540025\47F43FFC.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540026\47F44039.VBN Infected: not-a-virus:AdWare.Win32.SaveNow.bj 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540027\47F44042.VBN Infected: Trojan-Downloader.Win32.VB.ov 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540028.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540029.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002A\47F44056.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002A\47F44056.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 4
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002D\47F445AE.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002E\47F445B7.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002F\47F445C0.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540031\47F445D2.VBN Infected: not-a-virus:AdWare.Win32.Sud.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540032\47F445DA.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540033\47F445E5.VBN Infected: Trojan-Downloader.Win32.TSUpdate.n 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540034\47F445EE.VBN Infected: Backdoor.Win32.SdBot.alz 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540035\47F445F7.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540036\47F4460A.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540037\47F44615.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540038\47F44621.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540039\47F4462C.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003A\47F44636.VBN Infected: Trojan-Dropper.Win32.Small.qn 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003B\47F4463F.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003C\47F44648.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003D\47F44651.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003E\47F4465A.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003F\47F44664.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540040\47F4466D.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540041\47F44675.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540042\47F4467E.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540043\47F44687.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540043\47F44687.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 4
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540044\47F44690.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540045\47F4469A.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540046\47F446A4.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540048\47F446B6.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540049\47F446C5.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004A\47F446CE.VBN Infected: not-a-virus:AdWare.Win32.Mirar.b 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004B\47F446D7.VBN Infected: Trojan-Downloader.Win32.Dyfuca.ei 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004C\47F446E0.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004D\47F446E9.VBN Infected: not-a-virus:AdWare.Win32.Ucmore 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004E\47F446F2.VBN Infected: Trojan-Downloader.Win32.IstBar.ir 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004F\47F446FC.VBN Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540050\47F44704.VBN Infected: Trojan-Downloader.Win32.TSUpdate.p 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540051\47F4470F.VBN Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540052\47F44718.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.g 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540054\47F4472B.VBN Infected: not-a-virus:AdWare.Win32.SaveNow.bj 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540055.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540056.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540058\47F4473C.VBN Infected: not-a-virus:AdTool.Win32.WhenU.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540059\47F44745.VBN Infected: not-a-virus:AdWare.Win32.Sud.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005A\47F44750.VBN Infected: Trojan-Downloader.Win32.Qoologic.az 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005B\47F4475C.VBN Infected: Trojan.Win32.Pakes 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005C\47F44767.VBN Infected: Trojan-Downloader.Win32.Qoologic.bd 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005D\47F44770.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005D\47F44770.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 4
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005E\47F448B5.VBN Infected: Trojan-Dropper.Win32.Small.qn 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005F\47F448C6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540060\47F448CF.VBN Infected: Trojan-Downloader.Win32.Small.buy 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540061\47F448D8.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04940000\47FD3468.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\05040000\45055EB0.VBN Infected: Trojan-Downloader.Win32.Small.bmx 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\060C0000\47ECB48E.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\060C0000\47ECB48F.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\060C0000\47ECB490.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\06BC0000\47FFE70B.VBN Infected: Trojan-Downloader.Win32.IstBar.gen 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4B.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4C.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4D.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4E.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6A.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6B.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6C.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6D.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kts 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08380000\4BFBCA76.VBN Infected: Trojan-Clicker.JS.Linker.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08380001\4BFBCAAA.VBN Infected: Trojan-Downloader.JS.Small.ag 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08A00000.VBN Infected: Backdoor.Win32.SdBot.alz 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09000000\4BE3FFAA.VBN Infected: not-a-virus:AdWare.Win32.Sud.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0000\4BFD2136.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0000\4BFD2137.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0000\4BFD2138.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0001\4BFD3A47.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0001\4BFD3A48.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0001\4BFD3A49.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09C80000.VBN Infected: Trojan-Downloader.Win32.Small.cam 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A9C0000\4BFCCC42.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AA80000.VBN Infected: Trojan-Downloader.Win32.Adload.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB80000\4EB873D0.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.i 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AF00000\4BF96851.VBN Infected: Trojan-Downloader.Win32.VB.ri 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BA80000\4FA81629.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BA80000\4FA81629.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 2
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BA80000\4FA81629.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80000\4FF96B46.VBN Infected: Trojan.Win32.StartPage.ahg 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80001\4FF96B5A.VBN Infected: Trojan-Clicker.Win32.VB.kc 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80002.VBN Infected: Trojan-Downloader.Win32.VB.vr 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80003\4FF987D9.VBN Infected: Trojan.Win32.StartPage.ahg 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80004\4FF987ED.VBN Infected: Trojan-Downloader.Win32.VB.ri 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80005\4FF987FE.VBN Infected: Trojan-Downloader.Win32.VB.vr 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80006\4FF98810.VBN Infected: Trojan-Clicker.Win32.VB.kc 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0000\4FFC0BD0.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0000\4FFC0BD1.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE5.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE6.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE7.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE9.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BEA.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BEB.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0002\4FFC0BFB.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0002\4FFC0BFC.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EE40000\4EF50FBC.VBN Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0FF0000E.VBN Infected: not-a-virus:AdWare.Win32.MDH.g 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0FF0000F.VBN Infected: not-a-virus:AdWare.Win32.MDH.g 1
C:\Documents and Settings\gzan\.housecall6.6\Quarantine\css4[1].bac_a02068 Infected: not-a-virus:AdWare.Win32.Virtumonde.lrz 1
C:\Documents and Settings\gzan\.housecall6.6\Quarantine\ddcca.dll.bac_a03352 Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\gzan\Desktop\appz\Bart\tbar.exe Infected: not-a-virus:AdWare.Win32.Dogpile.a 2
C:\Documents and Settings\gzan\Desktop\Desktop Utils\backups\backup-20080614-122037-803.dll Infected: Trojan.Win32.Monder.gen 1
C:\