Hi Dave,
My computer was turned off by friend whey they sat down to do something, and saw a black screen..I was at work...so I ran the kasperkey a 3rd time....anyway 3 times a charm and I got a log..I also have many infections still. Am I picking up stuff bcause I have not been able to do this all straight thru..Tomorrow I may be at home more but wonder if I loose ground each time I go out on the NEt. My computer does seem to be working much better, inspite of what kasperkey says I have. Must have had a truck load of stuff.
Anyway below is my Kasperkey log and a new HJT log. I may try and run the housecall you mentioned in the last email as well
Thanks steph
--------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, April 02, 2008 7:47:33 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 2/04/2008
Kaspersky Anti-Virus database records: 678667
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 182944
Number of viruses found 22
Number of infected objects 52
Number of suspicious objects 79
Duration of the scan process 01:52:17
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8b3706d38d7802f89ec26d202f21819_1dce0e75-1303-433a-bfc1-6b582bd25551 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\064D4756/Data.txt .exe Infected: Email-Worm.Win32.NetSky.aa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\064D4756 ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\064D4756 CryptFF: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13670646.exe Infected: Trojan.Win32.Qhost.rz skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\26423E7E.htm Infected: Trojan-Downloader.JS.Small.bq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27286C9E/bwolf@aspeonline.com.zip/bwolf@aspeonline.com.doc .pif Infected: Email-Worm.Win32.Mydoom.m skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27286C9E/bwolf@aspeonline.com.zip Infected: Email-Worm.Win32.Mydoom.m skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27286C9E ZIP: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27286C9E CryptFF: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3E781B21/smartpages.com.html .exe Infected: Email-Worm.Win32.Mydoom.m skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3E781B21 ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3E781B21 CryptFF: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\41DC5EDE.txt Infected: not-virus:Hoax.Win32.Renos.jh skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48ED4B12 Infected: Email-Worm.Win32.Sober.p skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\55AD4CA0.exe Infected: Trojan-Spy.Win32.Tofger.bd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5E5F32A2 Infected: Email-Worm.Win32.Mydoom.m skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60FB4609 Infected: not-a-virus:AdWare.Win32.WinAD.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\681F0E1C.wmf Infected: Exploit.Win32.IMG-WMF.u skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6C9B7761 Infected: not-a-virus:AdWare.Win32.WinAD.ak skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\70DA14C7.tmp Infected: Email-Worm.Win32.Sober.y skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7ADB29ED/Data.txt .exe Infected: Email-Worm.Win32.NetSky.aa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7ADB29ED ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7ADB29ED CryptFF: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\D2608A11.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Marty1\Application Data\ErrorSmart\Log\2008 Apr 02 - 05_34_44 PM_921.log Object is locked skipped
C:\Documents and Settings\Marty1\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\Marty1\Application Data\GTek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log Object is locked skipped
C:\Documents and Settings\Marty1\Application Data\GTek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log Object is locked skipped
C:\Documents and Settings\Marty1\Application Data\GTek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked skipped
C:\Documents and Settings\Marty1\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Marty1\Desktop\downloads\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Marty1\Desktop\downloads\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Marty1\Desktop\downloads\SmitfraudFix.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8C31AE73-C99F-4DB0-A26E-42BFABE572D4}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8C31AE73-C99F-4DB0-A26E-42BFABE572D4}\Microsoft\Outlook Express\Inbox.dbx Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8C31AE73-C99F-4DB0-A26E-42BFABE572D4}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8C31AE73-C99F-4DB0-A26E-42BFABE572D4}\Microsoft\Outlook Express\Pop3uidl.dbx Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\paid for stuff video and other.dbx/[From eBay ][Date Mon, 23 Jan 2006 13:50:42 -0800]/UNNAMED/html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\paid for stuff video and other.dbx/[From eBay ][Date Mon, 23 Jan 2006 13:50:42 -0800]/UNNAMED Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\paid for stuff video and other.dbx/[From "service@paypal.com" ][Date Sun, 27 Aug 2006 10:00:20 -0400]/html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Identities\{8D32DF8B-D3B8-4783-A0C5-FE37E2FC8659}\Microsoft\Outlook Express\paid for stuff video and other.dbx Mail MS Outlook 5: suspicious - 3 skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/30 Jan 2006 12:55 from eBay:You Won eBay Item: NEW BEHRINGER FBQ.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/06 Feb 2006 07:11 from eBay:You Won eBay Item: Behringer Ultra-D.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/08 Mar 2006 15:45 from eBay:You Won eBay Item: YOU CAN TEACH YOU.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/17 Mar 2006 22:12 from eBay:You Won eBay Item: New Blue Braided .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/12 Apr 2006 17:05 to kimmym511@ec.rr.com:Security Measures.Chase.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/24 Apr 2006 00:50 from Paypal Security Notice:ID 49984 Paypal Se/ID 49984 Paypal Security Notice.htm Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/15 Jul 2006 23:16 from eBay:You Won eBay Item: Aria 12 String Ac.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/26 Aug 2006 01:27:Accounts Management.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/12 Oct 2006 05:30 from eBay:You Won eBay Item: Wind Rhythms The .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/14 Nov 2006 08:07 to sfreeman@ec.rr.com:We have suspended your e.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/08 Apr 2007 06:44 from service@paypal.com:Confirm your Premier A/Confirm your Premier Account.htm Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/25 Jul 2007 11:07 from aw-confirm@ebay.com/ATT16564.htm Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/23 Jan 2008 00:38 from Citi Bank N.A.:CitiBank Alert Message for.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/30 Jan 2006 12:55 from eBay:You Won eBay Item: NEW BEHRINGER FBQ.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/06 Feb 2006 07:11 from eBay:You Won eBay Item: Behringer Ultra-D.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/08 Mar 2006 15:45 from eBay:You Won eBay Item: YOU CAN TEACH YOU.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/17 Mar 2006 22:12 from eBay:You Won eBay Item: New Blue Braided .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/12 Apr 2006 17:05 to kimmym511@ec.rr.com:Security Measures.Chase.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/24 Apr 2006 00:50 from Paypal Security Notice:ID 49984 Paypal Se/ID 49984 Paypal Security Notice.htm Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/15 Jul 2006 23:16 from eBay:You Won eBay Item: Aria 12 String Ac.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/26 Aug 2006 01:27:Accounts Management.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/12 Oct 2006 05:30 from eBay:You Won eBay Item: Wind Rhythms The .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/14 Nov 2006 08:07 to sfreeman@ec.rr.com:We have suspended your e.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/08 Apr 2007 06:44 from service@paypal.com:Confirm your Premier A/Confirm your Premier Account.htm Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/25 Jul 2007 11:07 from aw-confirm@ebay.com/ATT16564.htm Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Inbox/23 Jan 2008 00:38 from Citi Bank N.A.:CitiBank Alert Message for.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/26 Jul 2004 01:28 to spoof@ebay.com:Fw: TKO Notice: ***Urgent Sa.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/27 Jul 2004 01:12 to spoof@ebay.com:Fw: FIP NOTICE: eBay Registr.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/31 Jul 2004 00:55 to spoof@ebay.com:Fw: eBay.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/15 Aug 2004 17:35 to spoof@paypal.com:Fw: Case ID Number: PP-040.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/23 Aug 2004 11:46 to spoof@ebay.com:Fw: Billing Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/17 Sep 2004 11:51 to spoof@ebay.com:Fw: Your credit/debit card i.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/14 Oct 2004 11:44 to spoof@ebay.com:Fw: Security Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/16 Oct 2004 20:50 to spoof@ebay.com:Fw: FPA NOTICE: eBay Registr.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/17 Oct 2004 17:03 to eBay Customer Support:Fw: Security Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/18 Oct 2004 11:46 to spoof@paypal.com:Fw: PayPal® Account Review.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/18 Oct 2004 20:15 to eBay Customer Support:Fw: Security Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/10 Nov 2004 12:32 to eBay Customer Support:Fw: TKO NOTICE: Pay y.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/23 Dec 2004 18:39 to spoof@paypal.com:Fw: PayPal Fraud Protectio.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/06 Jan 2005 01:49 to spoof@paypal.com:Fw: PayPal® Account Review.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/15 Apr 2005 18:56 to spoof@paypal.com:Fw: Your PayPal ® account .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/06 Jun 2005 02:08 to spoof@paypal.com:Fw: PayPal Account Inciden.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/06 Jun 2005 14:09 to spoof@paypal.com:Fw: PayPal Account Review .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/20 Jun 2005 10:23 to spoof@paypal.com:Fw: [Norton AntiSpam] Upda.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/05 Sep 2005 21:00 to spoof@paypal.com:Fw: [Norton AntiSpam] TKO .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/24 Apr 2006 00:59 to spoof@paypal.com:Fw: ID 49984 Paypal Securi.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/26 Aug 2006 12:41 to spoof@paypal.com:Fw: Accounts Management.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/12 Sep 2006 00:59 to spoof@ebay.com:Fw: Urgent Safeharbor Depart.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/03 Oct 2006 16:15 to spoof@ebay.com:Fw: Urgent Safeharbor Depart.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/15 Nov 2006 02:45 to spoof@ebay.com:Fw: We have suspended your e.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/26 Jul 2004 01:28 to spoof@ebay.com:Fw: TKO Notice: ***Urgent Sa.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/27 Jul 2004 01:12 to spoof@ebay.com:Fw: FIP NOTICE: eBay Registr.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/31 Jul 2004 00:55 to spoof@ebay.com:Fw: eBay.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/15 Aug 2004 17:35 to spoof@paypal.com:Fw: Case ID Number: PP-040.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/23 Aug 2004 11:46 to spoof@ebay.com:Fw: Billing Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/17 Sep 2004 11:51 to spoof@ebay.com:Fw: Your credit/debit card i.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/14 Oct 2004 11:44 to spoof@ebay.com:Fw: Security Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/16 Oct 2004 20:50 to spoof@ebay.com:Fw: FPA NOTICE: eBay Registr.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/17 Oct 2004 17:03 to eBay Customer Support:Fw: Security Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/18 Oct 2004 11:46 to spoof@paypal.com:Fw: PayPal® Account Review.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/18 Oct 2004 20:15 to eBay Customer Support:Fw: Security Issues.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/10 Nov 2004 12:32 to eBay Customer Support:Fw: TKO NOTICE: Pay y.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/23 Dec 2004 18:39 to spoof@paypal.com:Fw: PayPal Fraud Protectio.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/06 Jan 2005 01:49 to spoof@paypal.com:Fw: PayPal® Account Review.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/15 Apr 2005 18:56 to spoof@paypal.com:Fw: Your PayPal ® account .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/06 Jun 2005 02:08 to spoof@paypal.com:Fw: PayPal Account Inciden.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/06 Jun 2005 14:09 to spoof@paypal.com:Fw: PayPal Account Review .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/20 Jun 2005 10:23 to spoof@paypal.com:Fw: [Norton AntiSpam] Upda.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/05 Sep 2005 21:00 to spoof@paypal.com:Fw: [Norton AntiSpam] TKO .html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/24 Apr 2006 00:59 to spoof@paypal.com:Fw: ID 49984 Paypal Securi.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/26 Aug 2006 12:41 to spoof@paypal.com:Fw: Accounts Management.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/12 Sep 2006 00:59 to spoof@ebay.com:Fw: Urgent Safeharbor Depart.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/03 Oct 2006 16:15 to spoof@ebay.com:Fw: Urgent Safeharbor Depart.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst/Personal Folders/Sent Items/15 Nov 2006 02:45 to spoof@ebay.com:Fw: We have suspended your e.html Suspicious: Trojan-Spy.HTML.Fraud.gen skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst Mail MS Mail: suspicious - 74 skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\History\History.IE5\MSHist012008040220080403\index.dat Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Temp\~DF4049.tmp Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Temp\~DFAB36.tmp Object is locked skipped
C:\Documents and Settings\Marty1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Marty1\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Marty1\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Myla\My Documents\smitfraud\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Audible\Bin\AM Install1.INF Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\Bonus\Log\Shazam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.7\NCOWAD.dat Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.7\NCOWADMT.dat Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.7\NCOWAS.dat Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.7\NCOWAS.ldb Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Norton 360\Log\AutoProtect.log Object is locked skipped
C:\Program Files\Norton 360\Log\AVContext.log Object is locked skipped
C:\Program Files\Norton 360\Log\AVManual.log Object is locked skipped
C:\Program Files\Norton 360\Log\Backup.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUInternetPageViewHistory.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUInternetSearchHistory.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUInternetTempFiles.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUWindowsTempFiles.log Object is locked skipped
C:\Program Files\Norton 360\Log\EmailScan.log Object is locked skipped
C:\Program Files\Norton 360\Log\InternetSecurity.log Object is locked skipped
C:\Program Files\Norton 360\Log\ISIntrusionPrevented.log Object is locked skipped
C:\Program Files\Norton 360\Log\ISIOTraffic.log Object is locked skipped
C:\Program Files\Norton 360\Log\ISNewNetwork.log Object is locked skipped
C:\Program Files\Norton 360\Log\LiveUpdate.log Object is locked skipped
C:\Program Files\Norton 360\Log\NCO.log Object is locked skipped
C:\Program Files\Norton 360\Log\VABrowserSettings.log Object is locked skipped
C:\Program Files\Norton 360\Log\VAIPAddresses.log Object is locked skipped
C:\Program Files\Norton 360\Log\VAWeakPasswords.log Object is locked skipped
C:\Program Files\Norton 360\Log\WDFScanner.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dqzczsbs.exe.vir Infected: Trojan-Downloader.Win32.Obfuscated.em skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rkzsvmda.exe.vir Infected: Trojan-Downloader.Win32.Obfuscated.ec skipped
C:\SDFix\backups_old\backups.zip/backups/dwnrpofk.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dbi skipped
C:\SDFix\backups_old\backups.zip/backups/kdftlboeorn.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dat skipped
C:\SDFix\backups_old\backups.zip/backups/norlatmx.exe Infected: not-a-virus:AdWare.Win32.Vapsup.dau skipped
C:\SDFix\backups_old\backups.zip/backups/qvdntlmw.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dbh skipped
C:\SDFix\backups_old\backups.zip/backups/vbgtorfd.dll Infected: not-a-virus:AdWare.Win32.Vapsup.daw skipped
C:\SDFix\backups_old\backups.zip ZIP: infected - 5 skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1399\A0178667.dll Infected: not-a-virus:AdWare.Win32.Agent.au skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1405\A0180239.dll Infected: Trojan-Downloader.Win32.Agent.lsw skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1405\A0180240.dll Infected: Trojan-Downloader.Win32.Agent.lsw skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1405\A0180241.dll Infected: Trojan-Downloader.Win32.Agent.lsw skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1405\A0180242.dll Infected: Trojan-Downloader.Win32.Agent.lsw skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181419.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dat skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181420.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dbi skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181421.exe Infected: not-a-virus:AdWare.Win32.Vapsup.dau skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181422.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dbh skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181423.dll Infected: not-a-virus:AdWare.Win32.Vapsup.daw skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181429.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dbi skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181431.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dat skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181432.exe Infected: not-a-virus:AdWare.Win32.Vapsup.dau skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181433.dll Infected: not-a-virus:AdWare.Win32.Vapsup.dbh skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1408\A0181436.dll Infected: not-a-virus:AdWare.Win32.Vapsup.daw skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1411\A0181740.exe Infected: Trojan-Downloader.Win32.Obfuscated.em skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1411\A0181741.exe Infected: Trojan-Downloader.Win32.Obfuscated.ec skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1412\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{EA50A946-51FC-4974-9A34-69E80E65D634}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\JETBE70.tmp Object is locked skipped
C:\WINDOWS\Temp\JETBF89.tmp Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
---------------------------------------------------------------------------------------------------------------
NEW HJT log
Logfile of HijackThis v1.99.1
Scan saved at 8:01:58 PM, on 4/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Sierra\Planner\PLNRnote.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ErrorSmart\ErrorSmart.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.rr.com/br...h...rr&d=homerr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.rr.com/br...h...rr&d=homerr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.rr.com/br...h...rr&d=homerr
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [EnigmaPopupStop] C:\Program Files\SpyHunter\PopupBlocker\EnigmaPopupStop.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ErrorSmart] C:\Program Files\ErrorSmart\ErrorSmart.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Sierra\Planner\PLNRnote.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -
http://support.dell....iler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windup...Bridge-c139.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.syma...bin/AvSniff.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) -
http://www.nanoscan....s/ascstubie.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) -
https://webdl.symant...ex/symdlmgr.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) -
http://www.nanoscan....bs/nanoinst.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) -
http://photo.walmart...ploadClient.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) -
http://www.streaming...MINIBrowser.CAB
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) -
http://www.live365.c...ers/play365.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe