Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

This Is Not My Comp!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

This Is Not My Comp!!!

Unread postby gamerking#1 » April 26th, 2007, 1:34 pm

This is not my comp.My comp was already fixed.But i went on my sisters computer and saw it was running really slow and it had some problems so I came back here. I ran spybot s&d and Ad-aware and I found alot of viruses.My mom uses this comp for bank acounts and other important stuff.So if this comp had a keylogger like mine had we could be in trouble so I came here to be sure.This is my hjt log.

Logfile of HijackThis v1.99.1
Scan saved at 1:28:08 PM, on 4/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\opt\MBCASE\pm\bin\mcp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
c:\opt\MBCASE\WIS\TBCD\tbmux32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\cmserver.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\lic_srv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thedollpalace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dmufa.exe] C:\WINDOWS\system32\dmufa.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Phone Connection Monitor.lnk = ?
O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Custo ... anager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5887514531
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{48F6D45E-B072-46C0-B88F-F5ED71BEF5B8}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{5385EF7B-54DB-4C75-AC70-8FD41CD760D6}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE2695F9-96E2-4159-A314-CEB156792F9F}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7BFB937-175F-49E1-B5C7-8191724CED24}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{D801CA5C-EF8A-4555-85CC-D2731EB4D98B}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD6B809F-047F-4F3B-A8B1-4FDD74A3CDE3}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF2CFDB0-42AB-4BD5-8D21-69718A2A3003}: NameServer = 85.255.113.117,85.255.112.90
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: konfig - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: license - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: mcp - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TransBaseService - TransAction Software, D 81737 Munich - c:\opt\MBCASE\WIS\TBCD\tbmux32.exe
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm
Advertisement
Register to Remove

Unread postby random/random » April 26th, 2007, 2:12 pm

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/l ... areout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log.

Run HijackThis
Click on do a system scan only
Place a checkmark next to these lines(if still present)

O4 - HKLM\..\Run: [dmufa.exe] C:\WINDOWS\system32\dmufa.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{48F6D45E-B072-46C0-B88F-F5ED71BEF5B8}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{5385EF7B-54DB-4C75-AC70-8FD41CD760D6}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE2695F9-96E2-4159-A314-CEB156792F9F}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7BFB937-175F-49E1-B5C7-8191724CED24}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{D801CA5C-EF8A-4555-85CC-D2731EB4D98B}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD6B809F-047F-4F3B-A8B1-4FDD74A3CDE3}: NameServer = 85.255.113.117,85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF2CFDB0-42AB-4BD5-8D21-69718A2A3003}: NameServer = 85.255.113.117,85.255.112.90

Then close all windows except Hijackthis and click Fix Checked

  • Please download F-Secure Blacklight (fsbl.exe) from here
  • Save into C:\ with a name of fsbl.exe
  • Go to Start > Run
  • Copy and paste the contents of the below codebox into the run box
    Code: Select all
    C:\fsbl.exe /expert
  • Click OK
  • This will launch BlackLight
  • Select I accept the agreement
  • Click Next
  • Click Scan
  • Wait for the scan to finish
  • Click on Next>
  • Click Exit
  • A logfile will have been created in the C:\ drive
  • It will be named fsbl-xxxxxxxxxxxxxx.log where xxxxxxxxxxxxxx is the date and time of the scan
  • Use notepad to open that log
  • Post the contents of that log as a reply to this topic

Go here to run an online scannner from Kaspersky.
  • Click on "Kaspersky Online Scanner"
  • A new smaller window will pop up. Press on "Accept". After reading the contents.
  • Now Kaspersky will update the anti-virus database. Let it run.
  • Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
  • Then click on "My Computer", and the scan will start.
  • Once finished, save the log as "KAV.txt" to the desktop.


Post back with the Blacklight log, the Kaspersky log and a new HijackThis log
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby gamerking#1 » May 2nd, 2007, 4:06 pm

thank you for helping me but I cannot go on that computer.My brother loves to anoy me so he goes on my sisters comp all day to play runescape just because he doesnt like to play it on his mac.I did half the scans but my sister wanted to go on and I havent been able to go on since. My brother comes home plays runescape then does his homework at 10 so I wont be able to go one for a while im sorry. :(
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby gamerking#1 » May 9th, 2007, 4:36 pm

done

Hijack this

Logfile of HijackThis v1.99.1
Scan saved at 4:24:46 PM, on 5/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\AIM6\aolsoftware.exe
c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\opt\MBCASE\pm\bin\mcp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
c:\opt\MBCASE\WIS\TBCD\tbmux32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\cmserver.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\lic_srv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thedollpalace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Phone Connection Monitor.lnk = ?
O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Custo ... anager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://mypoints.worldwinner.com/games/v ... Loader.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/be ... eweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/bl ... ckwerx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5887514531
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v57/cubis/cubis.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinner.com/games/v67/swapit/swapit.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) - http://www.worldwinner.com/games/v47/ww ... spades.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: konfig - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: license - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: mcp - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TransBaseService - TransAction Software, D 81737 Munich - c:\opt\MBCASE\WIS\TBCD\tbmux32.exe





Kav







{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fcharset0 Arial;}}
{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs16 Fixwareout Last edited 4/5/2007\par
Post this report in the forums please \par
...\par
\'bb\'bb\'bb\'bb\'bbPrerun check\par
\par
\'bb\'bb\'bb\'bb\'bb System restarted\par
\par
\'bb\'bb\'bb\'bb\'bb Postrun check \par
HKLM\\SOFTWARE\\~\\Winlogon\\ "System"="" \par
....\par
....\par
\'bb\'bb\'bb\'bb\'bb Misc files. \par
....\par
\'bb\'bb\'bb\'bb\'bb Checking for older varients.\par
....\par
\par
Search five digit cs, dm, kd, jb, other, files.\par
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection. \par
\par
\par
\par
Click browse, find the file then click submit.\par
http://www.virustotal.com/flash/index_en.html\par
Or http://virusscan.jotti.org/\par
\par
\'bb\'bb\'bb\'bb\'bb Other\par
\par
\par
\par
\'bb\'bb\'bb\'bb\'bb Current runs \par
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]\par
"Apoint"="C:\\\\Program Files\\\\Apoint2K\\\\Apoint.exe"\par
"AGRSMMSG"="AGRSMMSG.exe"\par
"NvCplDaemon"="RUNDLL32.EXE C:\\\\WINDOWS\\\\System32\\\\NvCpl.dll,NvStartup"\par
"nwiz"="nwiz.exe /install"\par
"Cpqset"="C:\\\\Program Files\\\\HPQ\\\\Default Settings\\\\cpqset.exe"\par
"SunJavaUpdateSched"="C:\\\\Program Files\\\\Java\\\\jre1.5.0_06\\\\bin\\\\jusched.exe"\par
"UpdateManager"="\\"C:\\\\Program Files\\\\Common Files\\\\Sonic\\\\Update Manager\\\\sgtray.exe\\" /r"\par
"MMTray"="\\"C:\\\\Program Files\\\\MUSICMATCH\\\\MUSICMATCH Jukebox\\\\mm_tray.exe\\""\par
"AVG7_CC"="C:\\\\PROGRA~1\\\\Grisoft\\\\AVGFRE~1\\\\avgcc.exe /STARTUP"\par
"AVG7_EMC"="C:\\\\PROGRA~1\\\\Grisoft\\\\AVGFRE~1\\\\avgemc.exe"\par
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"\par
"MimBoot"="C:\\\\PROGRA~1\\\\MUSICM~1\\\\MUSICM~1\\\\mimboot.exe"\par
"snpstd3"="C:\\\\WINDOWS\\\\vsnpstd3.exe"\par
"iTunesHelper"="\\"C:\\\\Program Files\\\\iTunes\\\\iTunesHelper.exe\\""\par
"QuickTime Task"="\\"C:\\\\Program Files\\\\QuickTime\\\\qttask.exe\\" -atboottime"\par
"Google Desktop Search"="\\"C:\\\\Program Files\\\\Google\\\\Google Desktop Search\\\\GoogleDesktop.exe\\" /startup"\par
"TkBellExe"="\\"C:\\\\Program Files\\\\Common Files\\\\Real\\\\Update_OB\\\\realsched.exe\\" -osboot"\par
"IntelliPoint"="\\"C:\\\\Program Files\\\\Microsoft IntelliPoint\\\\point32.exe\\""\par
"HP Software Update"="C:\\\\Program Files\\\\Hewlett-Packard\\\\HP Software Update\\\\HPWuSchd2.exe"\par
\par
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]\par
"RecordNow!"=""\par
"Yahoo! Pager"="C:\\\\Program Files\\\\Yahoo!\\\\Messenger\\\\ypager.exe -quiet"\par
"MSMSGS"="\\"C:\\\\Program Files\\\\Messenger\\\\msmsgs.exe\\" /background"\par
"Skype"="\\"C:\\\\Program Files\\\\Skype\\\\Phone\\\\Skype.exe\\" /nosplash /minimized"\par
"Aim6"="\\"C:\\\\Program Files\\\\AIM6\\\\aim6.exe\\" /d locale=en-US ee://aol/imApp"\par
....\par
Hosts file was reset, If you use a custom hosts file please replace it\par
\'bb\'bb\'bb\'bb\'bb End report \'bb\'bb\'bb\'bb\'bb\fs20\par
}




Fixwareout Last edited 4/5/2007
Post this report in the forums please
...
»»»»»Prerun check

»»»»» System restarted

»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....

Search five digit cs, dm, kd, jb, other, files.
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.



Click browse, find the file then click submit.
http://www.virustotal.com/flash/index_en.html
Or http://virusscan.jotti.org/

»»»»» Other



»»»»» Current runs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"MMTray"="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_tray.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~1\\mimboot.exe"
"snpstd3"="C:\\WINDOWS\\vsnpstd3.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
"HP Software Update"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"=""
"Yahoo! Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»






Fixit


Fixwareout Last edited 4/5/2007
Post this report in the forums please
...
»»»»»Prerun check

»»»»» System restarted

»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....

Search five digit cs, dm, kd, jb, other, files.
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.

C:\WINDOWS\system32\dmwbi.exe 62046 08/04/2004


Click browse, find the file then click submit.
http://www.virustotal.com/flash/index_en.html
Or http://virusscan.jotti.org/

»»»»» Other



»»»»» Current runs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"MMTray"="\"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_tray.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~1\\mimboot.exe"
"snpstd3"="C:\\WINDOWS\\vsnpstd3.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
"HP Software Update"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"=""
"Yahoo! Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"Aim6"="\"C:\\Program Files\\AIM6\\aim6.exe\" /d locale=en-US ee://aol/imApp"
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»



Black Light

04/26/07 16:43:52 [Info]: BlackLight Engine 1.0.61 initialized
04/26/07 16:43:52 [Info]: OS: 5.1 build 2600 (Service Pack 2)
04/26/07 16:43:53 [Note]: 7019 4
04/26/07 16:43:53 [Note]: 7005 0
04/26/07 16:43:55 [Note]: 7006 0
04/26/07 16:43:55 [Note]: 7022 0
04/26/07 16:43:55 [Note]: 7011 1580
04/26/07 16:43:55 [Note]: 7026 0
04/26/07 16:43:56 [Note]: 7026 0
04/26/07 16:44:01 [Note]: FSRAW library version 1.7.1021
04/26/07 17:01:57 [Note]: 2000 1012
04/26/07 17:29:04 [Note]: 7007 0
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby random/random » May 9th, 2007, 4:48 pm

Then please upload this file:

C:\WINDOWS\system32\dmwbi.exe

To either jotti or virustotal

Post back with the jotti/virustotal results and a new HijackThis log
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby random/random » May 11th, 2007, 2:55 pm

Then please upload this file:

C:\WINDOWS\system32\dmwbi.exe

To either jotti or virustotal


Wait what do I do? Can you please explain?


Go to either the jotti or virustotal links, click browse, find the file, select it, click open, click send/submit, wait for scan to finish and copy and paste the results as a reply to this topic

Keep all your replies in this topic, or they will just be ignored

What you said was the kaspersky log was the fixwareout log opened with a word processor not set up correctly for plain text -please post the kaspersky log
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby random/random » May 11th, 2007, 3:54 pm

As I said, any PMs are going to go ignored, so reply to this topic or not at all
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby gamerking#1 » May 12th, 2007, 2:16 pm

sorry about the pms.I thought that was the Kaspersky scanner. My sister must have deleted it.But when I try to upload the file to one of those It says one bytes recevied and it never changes.
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby gamerking#1 » May 12th, 2007, 2:20 pm

I cant find that file it says that it does not exist...
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby random/random » May 13th, 2007, 7:18 am

Copy/paste the following quote box into a new notepad (not wordpad) document. Make sure that wordwrap is turned off.

attrib -r -s -h C:\windows\system32\dm*.exe
if exist search.txt del /q search.txt
dir /a C:\windows\system32\dm*.exe >> search.txt
notepad.exe search.txt


Save it to your Desktop as find.bat. Save it as:
File Type: All Files (not as a text document or it wont work).
Name: find.bat

Locate find.bat on your Desktop and double-click it. A DOS window will open briefly and then close, this is normal

A notepad will open up, copy and paste the contents of that window as a reply to this topic
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby gamerking#1 » May 13th, 2007, 3:31 pm

Volume in drive C has no label.
Volume Serial Number is 44B0-3C2E

Directory of C:\windows\system32

08/04/2004 03:56 AM 224,768 dmadmin.exe
12/19/2003 04:17 AM 1,323,008 dmcpl.exe
08/04/2004 03:56 AM 15,872 dmremote.exe
3 File(s) 1,563,648 bytes
0 Dir(s) 28,396,740,608 bytes free

here is the notepad scan thing I am currently doing the kaspersky scanner again. Because my sister keeps deleting it. :evil:
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby random/random » May 13th, 2007, 3:36 pm

Then please upload this file:

C:\windows\system32\dmcpl.exe

To either jotti or virustotal

post back with the jotti/virustotal results, the kaspersky log and a new HijackThis log
User avatar
random/random
Developer
Developer
 
Posts: 7723
Joined: December 18th, 2005, 3:30 pm

Unread postby gamerking#1 » May 13th, 2007, 4:28 pm

ok I will try that again but do I have to do that Kaspersky scan? It was almost done and my sister deleted it and I got in trouble because she started crying.8 times I had to that scan please tell me I dont have to do it.
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby gamerking#1 » May 13th, 2007, 9:00 pm

HJT

Logfile of HijackThis v1.99.1
Scan saved at 8:56:18 PM, on 5/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\opt\MBCASE\pm\bin\mcp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
c:\opt\MBCASE\WIS\TBCD\tbmux32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\cmserver.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\lic_srv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thedollpalace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Phone Connection Monitor.lnk = ?
O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Custo ... anager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://mypoints.worldwinner.com/games/v ... Loader.cab
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) - http://www.worldwinner.com/games/v50/pool/pool.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/be ... eweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/bl ... ckwerx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5887514531
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v57/cubis/cubis.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - http://www.worldwinner.com/games/v67/swapit/swapit.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/ha ... angman.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) - http://www.worldwinner.com/games/v47/ww ... spades.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: konfig - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: license - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: mcp - Unknown owner - c:\opt\MBCASE\pm\bin\mcp (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TransBaseService - TransAction Software, D 81737 Munich - c:\opt\MBCASE\WIS\TBCD\tbmux32.exes

Finally I hate this scanner it takes forever!

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, May 13, 2007 8:54:03 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 14/05/2007
Kaspersky Anti-Virus database records: 318502
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 122627
Number of viruses found: 36
Number of infected objects: 228 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:16:43

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d97bfa5720c8e3665ef048e87ff1dc70_9fef94ca-6678-4080-9af7-4ffc3819af47 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-40066231.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-40066231.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-40066231.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-40066231.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-263cc1e0-195b96e7.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-263cc1e0-195b96e7.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-263cc1e0-195b96e7.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-263cc1e0-195b96e7.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5157872c-2961208a.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5157872c-2961208a.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5157872c-2961208a.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5157872c-2961208a.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-78ee691-28f2731b.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-78ee691-28f2731b.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-78ee691-28f2731b.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-78ee691-28f2731b.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1946ff78-31ee0656.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1946ff78-31ee0656.zip/Counter.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1946ff78-31ee0656.zip/Beyond.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1946ff78-31ee0656.zip/Worker.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1946ff78-31ee0656.zip/web.exe Infected: Trojan.Win32.Small.ai skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1946ff78-31ee0656.zip ZIP: infected - 5 skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-21f68e17.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-21f68e17.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-21f68e17.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-21f68e17.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f5b6b54-21f68e17.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\exed.jar-4539001-693b7f8a.zip/Cla1.class Infected: Trojan.Java.ClassLoader.f skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\exed.jar-4539001-693b7f8a.zip/Cla2.class Infected: Trojan-Dropper.Java.Cliper.a skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\exed.jar-4539001-693b7f8a.zip/VerifierBug.class Infected: Trojan.Java.Needy.c skipped
C:\Documents and Settings\peter chovan\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\exed.jar-4539001-693b7f8a.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan\Local Settings\Temp\ctZyHW.dll Infected: not-a-virus:AdWare.Win32.Midadle.f skipped
C:\Documents and Settings\peter chovan\Local Settings\Temp\edAFYmX.exe Infected: not-a-virus:AdWare.Win32.Midadle.a skipped
C:\Documents and Settings\peter chovan\Local Settings\Temp\xbh.dll Infected: not-a-virus:AdWare.Win32.Midadle.b skipped
C:\Documents and Settings\peter chovan\Local Settings\Temp\XvmZRfH.exe Infected: not-a-virus:AdWare.Win32.Midadle.d skipped
C:\Documents and Settings\peter chovan\Local Settings\Temporary Internet Files\Content.IE5\CTQ7GX6N\first[1].awp Infected: not-a-virus:AdWare.Win32.InstallDollar.b skipped
C:\Documents and Settings\peter chovan\Local Settings\Temporary Internet Files\Content.IE5\GDQ7K9IZ\second[1].awp Infected: not-a-virus:AdWare.Win32.InstallDollar.b skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\AVG7\Log\emc.log Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\call256.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\chat1024.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\chat256.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\chat512.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\chatmsg1024.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\chatmsg256.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\chatmsg512.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\contactgroup256.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\index2.dat Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\profile256.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\user1024.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Skype\chovanp\voicemail256.dbb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-3882c5a2-6c4ad81f.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\285.jar-2e764d53-12bc2117.zip/Bubble.class Infected: Trojan.Java.ClassLoader.Dummy.e skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\285.jar-2e764d53-12bc2117.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\285.jar-2e764d53-12bc2117.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\285.jar-2e764d53-12bc2117.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.h skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\285.jar-2e764d53-12bc2117.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-421208e8-72a6f375.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-421208e8-72a6f375.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-421208e8-72a6f375.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-421208e8-72a6f375.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-421208e8-72a6f375.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-5b85c568.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-5b85c568.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-5b85c568.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-5b85c568.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-58581c27-7766f5cc.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-58581c27-7766f5cc.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-58581c27-7766f5cc.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-58581c27-7766f5cc.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5ef20017-643037ca.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5ef20017-643037ca.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5ef20017-643037ca.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5ef20017-643037ca.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-77402a30-7aaf9b53.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-77402a30-7aaf9b53.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-77402a30-7aaf9b53.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-77402a30-7aaf9b53.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-21378753-6f85eb4f.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.z skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-21378753-6f85eb4f.zip/VB.class Infected: Trojan.Java.ClassLoader.ak skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-21378753-6f85eb4f.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-21378753-6f85eb4f.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-4dd88aeb-2f6dd825.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.z skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-4dd88aeb-2f6dd825.zip/VB.class Infected: Trojan.Java.ClassLoader.ak skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-4dd88aeb-2f6dd825.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-4dd88aeb-2f6dd825.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-57ef70bd-427bfa52.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.z skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-57ef70bd-427bfa52.zip/VB.class Infected: Trojan.Java.ClassLoader.ak skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-57ef70bd-427bfa52.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-57ef70bd-427bfa52.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543c252-4a21a11e.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543c252-4a21a11e.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543c252-4a21a11e.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543c252-4a21a11e.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543c252-4a21a11e.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543d5aa-7dd2f626.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543d5aa-7dd2f626.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543d5aa-7dd2f626.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543d5aa-7dd2f626.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1543d5aa-7dd2f626.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f8050ce-27567d93.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f8050ce-27567d93.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f8050ce-27567d93.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f8050ce-27567d93.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f8050ce-27567d93.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2565ac17-4d61474c.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2565ac17-4d61474c.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2565ac17-4d61474c.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2565ac17-4d61474c.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2565ac17-4d61474c.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-25c13e55-3e381fd9.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-25c13e55-3e381fd9.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-25c13e55-3e381fd9.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-25c13e55-3e381fd9.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-25c13e55-3e381fd9.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3985cec3-37804769.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3985cec3-37804769.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3985cec3-37804769.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3985cec3-37804769.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-3985cec3-37804769.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-39ba5a25-6b60c0c8.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-39ba5a25-6b60c0c8.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-39ba5a25-6b60c0c8.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-39ba5a25-6b60c0c8.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-39ba5a25-6b60c0c8.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bc0c227-102b47c9.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bc0c227-102b47c9.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bc0c227-102b47c9.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bc0c227-102b47c9.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bc0c227-102b47c9.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bfe7dce-4488eaf8.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bfe7dce-4488eaf8.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bfe7dce-4488eaf8.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bfe7dce-4488eaf8.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bfe7dce-4488eaf8.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7d9192de-2a07b477.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7d9192de-2a07b477.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7d9192de-2a07b477.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7d9192de-2a07b477.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7d9192de-2a07b477.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7eb4d059-23bcb27f.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7eb4d059-23bcb27f.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7eb4d059-23bcb27f.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7eb4d059-23bcb27f.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-7eb4d059-23bcb27f.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-d350ec1-7fc12975.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-d350ec1-7fc12975.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-d350ec1-7fc12975.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-d350ec1-7fc12975.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-d350ec1-7fc12975.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2de2e2c5-33b32e58.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2de2e2c5-33b32e58.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2de2e2c5-33b32e58.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2de2e2c5-33b32e58.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-40f863f6-2222f769.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-40f863f6-2222f769.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-40f863f6-2222f769.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-40f863f6-2222f769.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-51f0273b.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-51f0273b.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-51f0273b.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-51f0273b.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-63ac19d1.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-63ac19d1.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-63ac19d1.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6a60bdac-63ac19d1.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6fe225af-1df4ab72.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6fe225af-1df4ab72.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6fe225af-1df4ab72.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-6fe225af-1df4ab72.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-7beacf04-5eb53031.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-7beacf04-5eb53031.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-7beacf04-5eb53031.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-7beacf04-5eb53031.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-f09c6f7-1e6e1d68.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-f09c6f7-1e6e1d68.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-f09c6f7-1e6e1d68.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-f09c6f7-1e6e1d68.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-60579a8e-3ede2821.zip/Counter.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-60579a8e-3ede2821.zip/VerifierBug.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-60579a8e-3ede2821.zip/Worker.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-60579a8e-3ede2821.zip/Xeyond.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-60579a8e-3ede2821.zip/web.exe Infected: Trojan-Dropper.Win32.Small.uf skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-60579a8e-3ede2821.zip ZIP: infected - 5 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-65faee52-41dc0775.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.j skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-65faee52-41dc0775.zip/Beyond.class Infected: Trojan-Dropper.Java.Beyond.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-65faee52-41dc0775.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-65faee52-41dc0775.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\demo.jar-65faee52-41dc0775.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ie0601a.jar-523da84a-47ed42f6.zip/Installer.class Infected: Trojan-Downloader.Java.OpenStream.z skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ie0601a.jar-523da84a-47ed42f6.zip ZIP: infected - 1 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-678c1b03-4ca1bd69.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-678c1b03-4ca1bd69.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-678c1b03-4ca1bd69.zip ZIP: infected - 2 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-6ac57e48-5e190e18.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-6ac57e48-5e190e18.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-6ac57e48-5e190e18.zip ZIP: infected - 2 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-76d25779-5eae44ea.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-76d25779-5eae44ea.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-76d25779-5eae44ea.zip ZIP: infected - 2 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-8fba449-4cb8244e.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-8fba449-4cb8244e.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-8fba449-4cb8244e.zip ZIP: infected - 2 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\load14.jar-5d2fff2a-7f972794.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\load14.jar-5d2fff2a-7f972794.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\load14.jar-5d2fff2a-7f972794.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\load14.jar-5d2fff2a-7f972794.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv500.jar-3add8624-30154d67.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv500.jar-3add8624-30154d67.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv500.jar-3add8624-30154d67.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv500.jar-3add8624-30154d67.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv517.jar-2a954101-157062eb.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv517.jar-2a954101-157062eb.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv517.jar-2a954101-157062eb.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv517.jar-2a954101-157062eb.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-73722924-416d25b1.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-73722924-416d25b1.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-73722924-416d25b1.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-73722924-416d25b1.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv645.jar-2b3fd1e-757809de.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv645.jar-2b3fd1e-757809de.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv645.jar-2b3fd1e-757809de.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv645.jar-2b3fd1e-757809de.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv667.jar-7410908e-378327a1.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv667.jar-7410908e-378327a1.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv667.jar-7410908e-378327a1.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv667.jar-7410908e-378327a1.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\msjld.jar-6ecc4ec7-188f34e4.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\msjld.jar-6ecc4ec7-188f34e4.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\msjld.jar-6ecc4ec7-188f34e4.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\msjld.jar-6ecc4ec7-188f34e4.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\msjld.jar-6ecc4ec7-188f34e4.zip ZIP: infected - 4 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\proc.jar-e821fb5-687fa2a1.zip/Jvb.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\proc.jar-e821fb5-687fa2a1.zip/MyFunction.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\proc.jar-e821fb5-687fa2a1.zip/MainApp.class Infected: Trojan.Java.ClassLoader.f skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\proc.jar-e821fb5-687fa2a1.zip ZIP: infected - 3 skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\AOL OCP\AIM\Storage\All Users\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\AOL OCP\AIM\Storage\data\ivetamalikova\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbc2e.ht1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbdam Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbdao Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbeam Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbeao Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbm Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbu2d.ht1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbvm.cf1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\dbvmh.ht1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\fii.cf1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\fiih.ht1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\hp Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\hpt2i.ht1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\rpm.cf1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Google\Google Desktop Search\rpmh.ht1 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Musicmatch\Jukebox\mmjbaltlog.txt Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Musicmatch\Jukebox\mmjblog.txt Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Musicmatch\MIM\Database\Default.ldb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Application Data\Musicmatch\MIM\Database\Default.mdb Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\History\History.IE5\MSHist012007051320070514\index.dat Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Temp\Del96.tmp Infected: not-a-virus:AdWare.Win32.180Solutions.ah skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Temp\DelA3.tmp Infected: not-a-virus:AdWare.Win32.180Solutions.ah skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Temp\hsperfdata_peter chovan\324 Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Temp\JET4968.tmp Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\ntuser.dat Object is locked skipped
C:\Documents and Settings\peter chovan.PETER-LAPTOP1\NTUSER.DAT.LOG Object is locked skipped
C:\Program Files\Windows Media Player\EbatesMoeMoneyMaker.exe/data0137 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
C:\Program Files\Windows Media Player\EbatesMoeMoneyMaker.exe NSIS: infected - 1 skipped
C:\Program Files\Windows Media Player\mprocessor.exe Infected: not-a-virus:AdWare.Win32.InstallDollar.a skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2C0D38B8-DAE6-4117-8DDE-1B598526C6A6}\RP863\change.log Object is locked skipped
C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP61\A0012201.exe Infected: not-a-virus:AdWare.Win32.InstallDollar.a skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.


The upload scan things found nothing.I wanted to post the things but it did not post so I would have to do again.But I remember neither of them found anything.
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby gamerking#1 » May 13th, 2007, 9:02 pm

can I ask you two questions? one does this computer have a keylogger and after you help me with this computer could you help me with mine or get some one to help me with mine? No one has replied for a long time. :(
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 16 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware