-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, April 05, 2007 9:31:19 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 5/04/2007
Kaspersky Anti-Virus database records: 292009
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
Scan Statistics:
Total number of scanned objects: 221046
Number of viruses found: 55
Number of infected objects: 123 / 0
Number of suspicious objects: 0
Duration of the scan process: 04:11:38
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\APP10575.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\APP10673.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\APP9760.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\Apps.Lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\main.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\sap.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\spool.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\STYLE.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\sysnews.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\idb\Toolbar.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\organize\CACHE\queenscutter101 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\organize\queenscutter123 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\organize\queenscutter123.abi Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\organize\queenscutter123.aby Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\ShopAssist\DataStore\global\clientcache.adb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_America Online 9.0a\ShopAssist\DataStore\users\Queenscutter123.adb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\cache.db Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\server.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\stderr.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\stdout.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\All Users\Application Data\mcafee.com personal firewall\data\IpRules.xdb Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\2020setup.exe/2020search2.dll Infected: not-a-virus:AdWare.Win32.PowerSearch.c skipped
C:\Documents and Settings\Owner\2020setup.exe SetupFactory: infected - 1 skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Hello\db\521085\catalog.lock Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Hello\db\521085\chat\catalog.lock Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Hello\db\521085\fileacl\chat\catalog.lock Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Hello\db\521085\mach.db Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Hello\db\521085\thumbs.db Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Hello\db\521085\xml.db Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007040520070406\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_3y1QjwxMwMYWPco Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_6du7mTD0uTcbZCt Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_6Ws4wGSBf2LA44h Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_7BAv6vsirlgmYwI Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_97iEnyL79KwbJcd Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_Ac2kLbjkRsnVXlt Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_cYXfAJT3qksrZzK Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_d6G6XV7R31HQHmG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_dAjaOiAy3flzLBO Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_E9kTCOLeo1LeDnY Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_EAo5VJ82eGySBs1 Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_EhpgcZEKc84ELGg Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_FQqiW1ANVaQ0z06 Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_G133yeUyi1w7nIa Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_GI43hfTNQpaPRvl Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_gjFFr071Df1lfWo Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_gujks0ffdoQXRl9 Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_HyVQmwtUetv30CM Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_LGp9QxBVsR2MjYU Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_lNGlnMsTXIxbfKj Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_nOjxkFZGfgBSLVe Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_Ok1Nn25a8hDSAaF Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_PzCQw8k4WnPhl9e Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_qK5qNQr1Pa99D4x Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_qlKNUE7ye5wLcVF Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_qxm9Hxf6BMgxgUN Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_REmZo9WbZx9MQjO Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_rZfRQcEVvqnTBcb Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_th7RJeIYoduGARc Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_uOMajW2cElEv1ZT Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_V2zrKvPIeUiSCiU Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_vaLeUFn98dMBrNI Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_vAxEVh2sxsxCGbo Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_WbMvE0BaWdutldk Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_x5FNHYSmUOoNh8E Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\sqlite_XeFHnk3A6koBvsv Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\My Documents\DivXPro511Adware.exe/stream/data0019 Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped
C:\Documents and Settings\Owner\My Documents\DivXPro511Adware.exe/stream Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped
C:\Documents and Settings\Owner\My Documents\DivXPro511Adware.exe NSIS: infected - 2 skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0021.BIN Infected: not-a-virus:AdWare.Win32.SideStep.e skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0024.BIN Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0026.BIN/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0026.BIN/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0026.BIN Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0027.BIN Infected: not-a-virus:AdWare.Win32.EZula.d skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0029.BIN Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe/WISE0030.BIN Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped
C:\Documents and Settings\Owner\My Documents\My Music\iMeshV3.exe WiseSFX: infected - 8 skipped
C:\Documents and Settings\Owner\ntuser.dat Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\a-squared Free\Quarantine\6530976dc40de19bc1cefee144937413.a2q/System Volume Information/_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}/RP45/A0013273.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Program Files\a-squared Free\Quarantine\6530976dc40de19bc1cefee144937413.a2q ZIP: infected - 1 skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035809.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035810.dll Infected: not-a-virus:AdWare.Win32.F1Organizer.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035811.dll Infected: not-a-virus:AdWare.Win32.F1Organizer.b skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035812.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035813.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035814.exe Infected: not-a-virus:AdWare.Win32.BiSpy.f skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035815.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035816.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035817.dll Infected: not-a-virus:AdWare.Win32.Gonaser.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035818.dll Infected: not-a-virus:AdWare.Win32.Gonaser.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035820.dll Infected: not-a-virus:AdWare.Win32.Gonaser.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035821.exe Infected: not-a-virus:AdWare.Win32.WinFetcher.b skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035822.dll Infected: not-a-virus:AdWare.Win32.F1Organizer.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035823.exe Infected: Trojan-Downloader.Win32.Adload.k skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035824.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035825.exe Infected: Trojan-Downloader.Win32.Adload.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035826.DLL Infected: not-a-virus:AdWare.Win32.ClearSearch.j skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035827.dll Infected: not-a-virus:AdWare.Win32.F1Organizer.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035828.exe Infected: Trojan-Downloader.Win32.Wren.n skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035829.dll Infected: not-a-virus:AdWare.Win32.F1Organizer.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035830.exe Infected: Trojan.Win32.StartPage.bf skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035831.ocx Infected: not-a-virus:AdWare.Win32.FreeScratch.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035833.exe Infected: not-a-virus:AdWare.Win32.Look2Me.e skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035834.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035835.exe Infected: Trojan-Downloader.Win32.OneClickNetSearch.f skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035836.exe Infected: Trojan-Downloader.Win32.Adload.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035837.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035838.exe/stream/data0001 Infected: not-a-virus:AdWare.Win32.BargainBuddy.n skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035838.exe/stream Infected: not-a-virus:AdWare.Win32.BargainBuddy.n skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035838.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035838.exe CryptFF: infected - 2 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035839.dll Infected: not-a-virus:AdWare.Win32.F1Organizer.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035840.exe Infected: Trojan-Downloader.Win32.Adload.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035841.exe Infected: Trojan-Downloader.Win32.Adload.e skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035842.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035843.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035844.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035845.exe Infected: Trojan-Downloader.Win32.Adload.k skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035846.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035847.exe Infected: not-a-virus:AdWare.Win32.ClearSearch.q skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035848.exe Infected: Trojan.Win32.SecondThought.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035849.exe/systb.dll Infected: not-a-virus:AdWare.Win32.ImiBar.i skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035849.exe CAB: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035849.exe MimarSinan: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035849.exe UPX: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035849.exe CryptFF: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035850.exe/msbb.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035850.exe CAB: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035850.exe MimarSinan: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035850.exe UPX: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035850.exe CryptFF: infected - 1 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035851.srg Infected: not-a-virus:AdWare.Win32.BargainBuddy.q skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035852.dll Infected: Trojan-Downloader.Win32.QDown.l skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035853.exe Infected: Trojan-Downloader.Win32.Stubby.b skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035854.dll Infected: not-a-virus:AdWare.Win32.Gonaser.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035855.dll Infected: Trojan-Spy.Win32.Idly.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035856.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035857.exe Infected: not-a-virus:AdWare.Win32.Look2Me.g skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035858.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035859.dll Infected: Trojan-Downloader.Win32.QDown.l skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035860.exe/data0003/data0001 Infected: not-a-virus:AdWare.Win32.WebRebates.g skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035860.exe/data0003 Infected: not-a-virus:AdWare.Win32.WebRebates.g skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035860.exe/data0003 Infected: not-a-virus:AdWare.Win32.WebRebates.d skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035860.exe/data0004 Infected: not-a-virus:AdWare.Win32.WebRebates.d skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035860.exe/data0005 Infected: not-a-virus:AdWare.Win32.WebRebates.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035860.exe NSIS: infected - 5 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035860.exe CryptFF: infected - 5 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035861.exe/WISE0009.BIN Infected: Trojan-Downloader.Win32.TSUpdate.n skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035861.exe/WISE0010.BIN Infected: Trojan-Downloader.Win32.TSUpdate.p skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035861.exe/WISE0011.BIN Infected: Trojan-Downloader.Win32.TSUpdate.l skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035861.exe/WISE0012.BIN Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035861.exe WiseSFX: infected - 4 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035861.exe CryptFF: infected - 4 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035862.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035863.exe Infected: Trojan.Win32.VB.jh skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035864.exe Infected: not-a-virus:Downloader.Win32.Agent.c skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035865.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035866.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035867.exe Infected: Trojan-Downloader.Win32.Small.cdo skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035869.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035870.dll Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035871.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035872.exe/getnexus.exe Infected: not-a-virus:AdWare.Win32.SurfSide.s skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035872.exe/webnexus.exe Infected: Trojan-Downloader.Win32.Qoologic.bm skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035872.exe CAB: infected - 2 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035872.exe MimarSinan: infected - 2 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035872.exe UPX: infected - 2 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035872.exe CryptFF: infected - 2 skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035874.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035875.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035876.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035877.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035878.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035879.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035880.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP158\A0035881.exe Infected: Trojan-Downloader.Win32.Small.akz skipped
C:\System Volume Information\_restore{0193FC1C-0A70-478B-8107-B531B8E70CAB}\RP159\change.log Object is locked skipped
C:\windows\bundles\s4Sept.exe Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\windows\bundles\wrapperouter.exe/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j skipped
C:\windows\bundles\wrapperouter.exe WiseSFX: infected - 1 skipped
C:\windows\bundles\wrapperouter.exe WiseSFX Dropper: infected - 1 skipped
C:\WINNT\7a87lplw.exe Infected: not-a-virus:AdWare.Win32.Adtomi.f skipped
C:\WINNT\Debug\PASSWD.LOG Object is locked skipped
C:\WINNT\Downloaded Program Files\installer_MARKETING32.exe/stream/data0001 Infected: not-a-virus:AdWare.Win32.BargainBuddy.ah skipped
C:\WINNT\Downloaded Program Files\installer_MARKETING32.exe/stream Infected: not-a-virus:AdWare.Win32.BargainBuddy.ah skipped
C:\WINNT\Downloaded Program Files\installer_MARKETING32.exe NSIS: infected - 2 skipped
C:\WINNT\nr90ptiv.exe Infected: not-a-virus:AdWare.Win32.Adtomi.f skipped
C:\WINNT\SchedLgU.Txt Object is locked skipped
C:\WINNT\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINNT\Sti_Trace.log Object is locked skipped
C:\WINNT\system32\config\AppEvent.Evt Object is locked skipped
C:\WINNT\system32\config\DEFAULT Object is locked skipped
C:\WINNT\system32\config\default.LOG Object is locked skipped
C:\WINNT\system32\config\Internet.evt Object is locked skipped
C:\WINNT\system32\config\SAM Object is locked skipped
C:\WINNT\system32\config\SAM.LOG Object is locked skipped
C:\WINNT\system32\config\SecEvent.Evt Object is locked skipped
C:\WINNT\system32\config\SECURITY Object is locked skipped
C:\WINNT\system32\config\SECURITY.LOG Object is locked skipped
C:\WINNT\system32\config\SOFTWARE Object is locked skipped
C:\WINNT\system32\config\software.LOG Object is locked skipped
C:\WINNT\system32\config\SysEvent.Evt Object is locked skipped
C:\WINNT\system32\config\SYSTEM Object is locked skipped
C:\WINNT\system32\config\system.LOG Object is locked skipped
C:\WINNT\system32\h323log.txt Object is locked skipped
C:\WINNT\system32\msmkmi.dll Infected: not-a-virus:AdWare.Win32.WebSearch.bb skipped
C:\WINNT\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINNT\system32\WinExplore.exe Infected: not-a-virus:AdWare.Win32.Getup.c skipped
C:\WINNT\wiadebug.log Object is locked skipped
C:\WINNT\wiaservc.log Object is locked skipped
C:\WINNT\WindowsUpdate.log Object is locked skipped
Scan process completed.
Logfile of HijackThis v1.99.1
Scan saved at 9:34:28 PM, on 4/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\system32\SK9910DM.EXE
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\AOL\1100994751\ee\AOLSoftware.exe
C:\WINNT\GWMDMMSG.exe
C:\Program Files\Common Files\AOL\1100994751\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\AIM95\aim.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\common files\aol\1100994751\ee\aolssc.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
c:\program files\common files\aol\1100994751\ee\anotify.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.geocities.com/samidavis20032003/index2.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [dpvsetunp.exe] C:\WINNT\System32\dpvsetunp.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100994751\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1100994751\ee\services\sscAntiSpywarePlugin\ver1_10_3_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Search -
res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Define - C:\WINNT\Web\ERS_DEF.HTM
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\WINNT\Web\ERS_ENC.HTM
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .cfm: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) -
http://support.gateway.com/support/cont ... assist.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) -
file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} -
http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} -
http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
https://objects.aol.com/mcafee/molbin/s ... insctl.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) -
http://updates.lifescapeinc.com/install ... nstall.cab
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) -
http://www.callwave.com/include/cab/CWDL_DownLoad.CAB
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://www.installengine.com/engine/isetup.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) -
http://support.gateway.com/support/seri ... /gwCID.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
https://objects.aol.com/mcafee/molbin/s ... cGDMgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) -
http://security.symantec.com/SSC/Shared ... /cabsa.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -
https://www-secure.symantec.com/techsup ... mAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{45428E6C-2A6C-4BE2-950F-5F334FBD5C36}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe