New HJT:
Logfile of HijackThis v1.99.1
Scan saved at 10:16:38 PM, on 7/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LhoK8W3.exe
C:\WINDOWS\system32\Yhrt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\hp pavilion\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TV Now] C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [4S2NSLA3QS#366] C:\WINDOWS\System32\OjqN0Y44.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup.../bridge-c10.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay10...es/MsnPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {A9DAD15A-365E-494D-9D41-8A0BB80007B0} (ArcticShell control) - http://www.arcticpig...ivex/mayhem.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://antu.popcap.c...aploader_v5.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
Find file bat:
Volume in drive C has no label.
Volume Serial Number is 15E1-7745
Directory of C:\WINDOWS\System32
12/04/2003 02:00 AM 28,768 javaw.exe
07/13/2005 03:00 PM 401,408 j?vaw.exe
2 File(s) 430,176 bytes
Directory of C:\Documents and Settings\hp pavilion\Desktop
Panda Active Scan result:
Incident Status Location
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\SYSTEM32\OJQN0Y44.EXE
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Yhrt.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\LhoK8W3.exe
Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\apuc.dll
Adware:adware/netpals No disinfected C:\WINDOWS\SYSTEM32\calsdr.dll
Spyware:spyware/whazit No disinfected C:\WINDOWS\SYSTEM32\fiz1
Adware:adware/wupd No disinfected C:\WINDOWS\SYSTEM32\ide21201.vxd
Adware:adware/browseraid No disinfected C:\WINDOWS\SYSTEM32\inetp60.dll
Adware:adware/ncase No disinfected C:\WINDOWS\SYSTEM32\msbb321.dll
Spyware:spyware/adclicker No disinfected C:\WINDOWS\SYSTEM32\pup.exe
Adware:adware/addestroyer No disinfected C:\WINDOWS\SYSTEM32\SWRT01.dll
Adware:adware/virtualbouncer No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\VBouncerOuter1137040505.EXE
Adware:adware/ipinsight No disinfected C:\WINDOWS\INF\alchem.inf
Adware:adware/delfinmedia No disinfected C:\keys.ini
Spyware:spyware/virtumonde No disinfected C:\WINDOWS\dpusys.ini
Adware:adware/sidesearch No disinfected C:\WINDOWS\sepsd.bin
Adware:adware/twain-tech No disinfected C:\WINDOWS\smdat32m.sys
Adware:adware/sahagent No disinfected C:\WINDOWS\SYSTEM32\SahImages
Adware:adware/esyndicate No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WBCM
Adware:adware/blazefind No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WINDOWS SA
Adware:adware/mywebsearch No disinfected HKEY_CURRENT_USER\SOFTWARE\TOOLBAR
Adware:adware/savenow No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\MAGNET
Adware:adware/statblaster No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MINIGOLF
Spyware:spyware/dyfuca No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\INTERNET OPTIMIZER
Adware:adware/memorywatcher No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\MEMORYWATCHER
Adware:adware/iedriver No disinfected HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\CMDMAPPING\{1A00C40B-DA85-4AA3-A67F-582D9347EECD}
Adware:adware/mediatickets No disinfected HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}
Adware:adware/brilliantdigital No disinfected HKEY_CLASSES_ROOT\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-10dd1028-6da1911a.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\GetAccess.class-757cc4da-10ea4f87.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\GetAccess.class-7fd63a53-5dac03a0.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\InsecureClassLoader.class-5c4c2e2f-7fa433ff.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\a.jar-5dce5407-181a5350.zip[a.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\a.jar-5dce5407-181a5350.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-697e4ecc-1a36f28f.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-697e4ecc-1a36f28f.zip[VB.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-697e4ecc-1a36f28f.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-697e4ecc-1a36f28f.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-5b377964.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-5b377964.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-5b377964.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-5b377964.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-6fcf5f78.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-6fcf5f78.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-6fcf5f78.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-6fcf5f78.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-7a22786b.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-7a22786b.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-7a22786b.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-7a22786b.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-793185eb.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-793185eb.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-793185eb.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-793185eb.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-64269984-4e46fa31.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-64269984-4e46fa31.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-64269984-4e46fa31.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-64269984-4e46fa31.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-66656fc7-42ca01a9.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-66656fc7-42ca01a9.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-66656fc7-42ca01a9.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count1.jar-5e1a93af-3cdf09ca.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count1.jar-5e1a93af-3cdf09ca.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count1.jar-5e1a93af-3cdf09ca.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count1.jar-5e1a93af-3cdf09ca.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count1.jar-5e1a96b1-476621f2.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-30f1f1ac-13a31ac7.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-30f1f1ac-13a31ac7.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-30f1f1ac-13a31ac7.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-30f1f1ac-13a31ac7.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-410a8915-35ca072d.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-410a8915-35ca072d.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-410a8915-35ca072d.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-410a8915-35ca072d.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv420.jar-19cdd09a-428adf90.zip[Counter.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv420.jar-19cdd09a-428adf90.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv420.jar-19cdd09a-428adf90.zip[Matrix.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv420.jar-19cdd09a-428adf90.zip[Parser.class]
Adware:Adware/nCase No disinfected C:\Documents and Settings\hp pavilion\Desktop\hijackthis\backups\backup-20050714-103352-320.dll
Adware:Adware/BlazeFind No disinfected C:\Documents and Settings\hp pavilion\Desktop\hijackthis\backups\backup-20050717-113253-733.dll
Adware:Adware/PopCapLoader No disinfected C:\WINDOWS\Downloaded Program Files\popcaploader.dll
Adware:Adware/PopCapLoader No disinfected C:\WINDOWS\Downloaded Program Files\popcaploader.inf
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\e359hchk.exe
Adware:Adware/IPInsight No disinfected C:\WINDOWS\inf\alchem.inf
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\inf\biH.inf
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\inf\biini.inf
Adware:Adware/Transponder No disinfected C:\WINDOWS\inf\polall1r.inf
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\apuc.dll
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Arzhag6.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\AthffaH.exe
Adware:Adware/NetPals No disinfected C:\WINDOWS\system32\atiupdate5.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Azw54.exe
Adware:Adware/NetPals No disinfected C:\WINDOWS\system32\calsdr.dll
Adware:Adware/NetPals No disinfected C:\WINDOWS\system32\calsdr.exe
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.20050113-191218.backup
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.20050228-195231.backup
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.20050601-173012.backup
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\exul.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\GivLt51.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Hcj2s6.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\HraiNO18.exe
Possible Virus. No disinfected C:\WINDOWS\system32\inetp60.dll
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Jls3.exe
Adware:Adware/PurityScan No disinfected C:\WINDOWS\system32\j?vaw.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\KrwH5f.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\KtrA.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\LhoK8W3.exe
Spyware:Spyware/LinkReplacer No disinfected C:\WINDOWS\system32\lmf32v.dll_tobedeleted
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\MkqjPr5.exe
Adware:Adware/nCase No disinfected C:\WINDOWS\system32\msbb321.dll
Virus:W32/Gaobot.RB.worm Disinfected C:\WINDOWS\system32\Msrv32.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\NipM9X44.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\OfoWP.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\OjqN0Y44.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\PsqfRame.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Pws1B4.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\RodeL8.exe
Adware:Adware/PurityScan No disinfected C:\WINDOWS\system32\Shex.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Ssa9.exe
Adware:Adware/VirtualBouncer No disinfected C:\WINDOWS\system32\SWRT01.dll
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\TtsKDJTq.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Ufmmx.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Uvz6.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\WnwEwc.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Wqxd.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\Yhrt.exe
Adware:Adware/MemoryWatcher No disinfected C:\WINDOWS\system32\YtaxJ.exe
Trend Micro Housecall:
Virus Scan 0 virus cleaned, 5 viruses deleted
Results:
We have detected 4 infected file(s) with 5 virus(es) on your computer. Only 0 out of 0 infected files are displayed:
- 0 virus(es) passed, 0 virus(es) no action available
- 0 virus(es) cleaned, 0 virus(es) uncleanable
- 5 virus(es) deleted, 0 virus(es) undeletable
- 0 virus(es) not found, 0 virus(es) unaccessible
Detected File Associated Virus Name Action Taken
C:\Documents and Settings\hp pavilion\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count1.jar-5e1a96b1-476621f2.zip
- BlackBox.class JAVA_BYTEVER.A Deletion successful
- VerifierBug.class JAVA_BYTEVER.A Deletion successful
C:\WINDOWS\system32\Jls3.exe BKDR_SANDBOX.A Deletion successful
C:\WINDOWS\system32\KtrA.exe BKDR_SANDBOX.A Deletion successful
C:\WINDOWS\system32\RodeL8.exe BKDR_SANDBOX.A Deletion successful
Trojan/Worm Check 0 worm/Trojan horse deleted
What we checked:
Malicious activity by a Trojan horse program. Although a Trojan seems like a harmless program, it contains malicious code and once installed can cause damage to your computer.
Results:
We have detected 0 Trojan horse program(s) and worm(s) on your computer. Only 0 out of 0 Trojan horse programs and worms are displayed:
- 0 worm(s)/Trojan(s) passed, 0 worm(s)/Trojan(s) no action available
- 0 Worm(s)/Trojan(s) deleted, 0 worm(s)/Trojan(s) undeletable
Trojan/Worm Name Trojan/Worm Type Action Taken
Spyware Check 12 spyware programs removed
What we checked:
Whether personal information was tracked and reported by spyware. Spyware is often installed secretly with legitimate programs downloaded from the Internet.
Results:
We have detected 12 spyware(s) on your computer. Only 0 out of 0 spywares are displayed:
- 0 spyware(s) passed, 0 spyware(s) no action available
- 12 spyware(s) removed, 0 spyware(s) unremovable
Spyware Name Spyware Type Action Taken
ADW_BADBITOR.A Adware Removal successful
SPYW_WINSB.A Spyware Removal successful
ADW_VERTICITY.A Adware Removal successful
ADW_OVERPRO.A Adware Removal successful
ADW_NETPALS.A Adware Removal successful (Please reboot your machine)
ADW_SIDESEARCH.A Adware Removal successful
SPYW_DYFUCA.L Spyware Removal successful
SPYW_MEDACCESS.A Spyware Removal successful
SPYW_VBOUNCE.B Spyware Removal successful (Please reboot your machine)
ADW_BLAZE.B Adware Removal successful
ADW_BROWSERAID.E Adware Removal successful (Please reboot your machine)
ADW_WINAD.L Adware Removal successful
Microsoft Vulnerability Check 3 vulnerabilities detected
What we checked:
Microsoft known security vulnerabilities. These are issues Microsoft has identified and released Critical Updates to fix.
Results:
We have detected 3 vulnerability/vulnerabilities on your computer. Only 0 out of 0 vulnerabilities are displayed.
Risk Level Issue How to Fix
Important This remote code execution vulnerability could allow a malicious user or a malware to take complete control of the affected system if the affected user is currently logged on with administrative privileges. The malicious user or malware can execute code on the system giving them the ability to install or run programs and view or edit data with full privileges. Thus, this vulnerability can conceivably be used by a malware for replication purposes.;The vulnerability is caused by an unchecked buffer in the Microsoft Office WordPerfect Converter. MS04-027
Critical This vulnerability lies in the way the affected components process JPEG image files. An unchecked buffer within this process is the cause of the vulnerability.;This remote code execution vulnerability could allow a malicious user or a malware to take complete control of the affected system if the affected user is currently logged on with administrative privileges. The malicious user or malware can execute arbitrary code on the system giving them the ability to install or run programs and view or edit data with full privileges. Thus, this vulnerability can conceivably be used by a malware for replication purposes. MS04-028
Important A vulnerability in ASP.NET allows an attacker to bypass the security of an ASP.NET Web site, and access a machine. The attacker gains unauthorized access to some areas of the said Web site, and is able to control it accordingly. The actions that the attacker could take would depend on the specific content being protected. MS05-004
Hope that's everything. Thanks.