Kaspersky Online Scanner report:--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Tuesday, June 2, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Tuesday, June 02, 2009 09:28:21
Records in database: 2295588
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
H:\
K:\
W:\
X:\
Y:\
Z:\
Scan statistics:
Files scanned: 111108
Threat name: 5
Infected objects: 106
Suspicious objects: 0
Duration of the scan: 02:47:43
File name / Threat name / Threats count
C:\Qoobox\Quarantine\C\WINDOWS\system32\bibegipe.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\bidatemi.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\biruwuta.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\bivirulo.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\bogiviza.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\bohodebu.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\buguroru.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\bulurevo.dll.tmp.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\dapatudi.dll.tmp.vir Infected: Trojan.Win32.Stuh.jgc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\depawehe.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\dewezuwa.dll.tmp.vir Infected: Trojan.Win32.Stuh.jgc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\duvapoji.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\gigahone.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\hifikino.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\hokowoya.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\hozebede.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\janeguwo.dll.tmp.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\jawobofe.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\jopopaya.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\juvemipe.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\juyarono.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\kegayezu.dll.tmp.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\kejimile.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\kupuweyo.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\lalohuni.dll.vir Infected: Trojan.Win32.Monder.byqu 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\lefeveli.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\lerosusi.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\loviheti.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\majubilu.exe.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\megumipa.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\mohohimu.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\nahiyuku.dll.tmp.vir Infected: Trojan.Win32.Stuh.jgc 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\nehirudu.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\nopepizo.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\pokazejo.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\ratanofi.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\ruseduja.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\samadehi.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\satunano.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\setorera.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\sijanidu.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\sivosari.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\taviretu.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\vepogihe.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\viborite.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\vidutade.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\wibayoja.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\yatiroku.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\yozamodi.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\yunizawa.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\zidekebe.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\zojetiru.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\zumosezu.dll.vir Infected: Packed.Win32.Krap.q 1
C:\Qoobox\Quarantine\[4]-Submit_2009-06-02_00.04.20.zip Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP35\A0034152.exe Infected: Trojan.Win32.BHO.swb 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0037732.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0037733.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0037734.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0038996.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0038997.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0038998.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0038999.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039000.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039001.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039002.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039005.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039006.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039014.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039016.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039017.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039018.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039023.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039024.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039025.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039026.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039027.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039028.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039029.dll Infected: Trojan.Win32.Monder.byqu 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039030.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039031.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039033.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039034.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039035.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039036.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039037.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039042.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039043.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039044.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039045.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039046.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039047.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039048.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039049.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039050.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039060.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039061.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039062.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039063.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039064.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039065.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039066.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039067.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039069.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039070.dll Infected: Packed.Win32.Krap.q 1
C:\System Volume Information\_restore{CD0F98FD-43EB-4EEF-BDFA-19435698C93B}\RP38\A0039073.exe Infected: Packed.Win32.Krap.q 1
C:\WINDOWS\system32\big ol virus.jpg Infected: Trojan-Clicker.Win32.VB.bfp 1
The selected area was scanned.
New Hijackthis log:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:30:46 PM, on 2/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Novell\XTAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
C:\Program Files\Common Files\Juniper Networks\TNC Client\jTnccService.exe
C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mdnsresponder.exe
C:\Program Files\Novell\ZENworks\nalntsrv.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Novell\ZENworks\wm.exe
C:\WINDOWS\TEMP\HY2F5E.EXE
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmproxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\WINDOWS\system32\dpmw32.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\NETGEAR\WG511\Utility\wg511wlu.exe
C:\WINDOWS\system32\iprntctl.exe
C:\WINDOWS\system32\iprntlgn.exe
C:\Program Files\iTunes\ituneshelper.exe
C:\Program Files\Juniper Networks\Odyssey Access Client\OdTray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\googletoolbarnotifier.exe
C:\Program Files\Novell\ZENworks\WMRUNDLL.EXE
C:\Program Files\Skype\Phone\skype.exe
C:\Program Files\DataStudio\PASPortal.exe
C:\Program Files\Novell\ZENworks\NalAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypepm.exe
\gw\sys\public\clntrust.exe
\gw\sys\public\wbalance.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://intranet.wesleycollege.net/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
https://intranet.wesleycollege.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
https://intranet.wesleycollege.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wesley College
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
http://proxy.wesleycollege.net/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [ZENRC Tray Icon] C:\WINDOWS\system32\zentray.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [WG511WLU] C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe -hide
O4 - HKLM\..\Run: [iPrint Tray] C:\WINDOWS\system32\iprntctl.exe TRAY_ICON
O4 - HKLM\..\Run: [iPrint Event Monitor] C:\WINDOWS\system32\iprntlgn.exe
O4 - HKLM\..\Run: [TalkAndWrite] D:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OdTray.exe] C:\Program Files\Juniper Networks\Odyssey Access Client\OdTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [mount.exe] C:\Program Files\GiPo@Utilities\FileUtilities.3\mount.exe /z
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Application Explorer.lnk = C:\Program Files\Novell\ZENworks\NalView.exe
O4 - Global Startup: PASPortal.lnk = C:\Program Files\DataStudio\PASPortal.exe
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw -
res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Program Files\Novell\ZENworks\AxNalServer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://intranet.wesleycollege.net/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/EN-AU/a-U ... E_UNO1.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupda ... 9850260890O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) -
file://C:\WINDOWS\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://messenger.zone.msn.com/binary/ZI ... b56649.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b56907.cabO16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) -
https://juniper.net/dana-cached/setup/J ... tupSP1.cabO16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) -
https://juniper.net/dana-cached/sc/Juni ... Client.cabO16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) -
https://secure.gopetslive.com/dev/GoPetsWeb.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{F751CA9B-507D-432C-B582-5AD219BEFD20}: Domain = wesleycollege.net
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Juniper TNC Endpoint Assessment (EacService) - Juniper Networks - C:\Program Files\Common Files\Juniper Networks\TNC Client\jTnccService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks - C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Novell Application Launcher (NALNTSERVICE) - Novell, Inc. - C:\Program Files\Novell\ZENworks\nalntsrv.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Juniper OAC Service (odClientService) - Juniper Networks, Inc. - C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe
O23 - Service: Novell ZENworks Remote Management Agent (Remote Management Agent) - Novell, Inc. - C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
O23 - Service: Novell XTier Agent Services (XTAgent) - Novell, Inc. - C:\WINDOWS\System32\Novell\XTAgent.exe
O23 - Service: Workstation Manager (ZFDWM) - Novell, Inc. - C:\Program Files\Novell\ZENworks\wm.exe
--
End of file - 12585 bytes