I was able to run it through Firefox. Here are the results
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, August 9, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 1 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, August 09, 2008 00:14:55
Records in database: 1070682
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
E:\
F:\
Scan statistics:
Files scanned: 81569
Threat name: 13
Infected objects: 34
Suspicious objects: 0
Duration of the scan: 08:00:12
File name / Threat name / Threats count
C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\8XIQ1UUN\kb456456[1] Infected: Trojan.Win32.Monder.biw 1
C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\W5QXNWHP\kb456456[1] Infected: Trojan.Win32.Monder.biw 1
C:\QooBox\Quarantine\C\WINDOWS\default.htm.vir Infected: not-virus:Hoax.HTML.Secureinvites.b 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ayyfjwoe.dll.vir Infected: Trojan.Win32.Monder.biw 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\clmhavdf.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.byt 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gnhwcewr.dll.vir Infected: Trojan.Win32.Monder.biw 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iaytnpcb.dll.vir Infected: Trojan.Win32.Monder.cev 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jwyijg.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.byt 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kvxkngfk.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.bzs 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\njdqto.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.bzs 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nuupik.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.bwk 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ogsyepmu.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.cap 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qqmykx.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.buv 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rrlnegho.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.bwk 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wthnrogl.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.cap 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xfphyl.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.cap 1
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yfsffjjh.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.buv 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP113\A0029613.dll Infected: Trojan.Win32.Monder.bdp 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP113\A0029627.dll Infected: Trojan.Win32.Monder.biw 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP114\A0030670.dll Infected: Trojan.Win32.Monder.brq 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP115\A0030699.dll Infected: Trojan.Win32.Monder.byj 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038805.dll Infected: Trojan.Win32.Monder.biw 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038806.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.byt 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038810.dll Infected: Trojan.Win32.Monder.biw 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038812.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.byt 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038813.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bzs 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038815.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bzs 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038816.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bwk 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038819.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.buv 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038820.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bwk 1
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP118\A0038823.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.buv 1
C:\WINDOWS\ncvkrmxk.exe Infected: not-virus:Hoax.Win32.Renos.bhe 1
C:\WINDOWS\ozmrahax.exe Infected: Trojan.Win32.Obfuscated.gx 1
C:\WINDOWS\ufudmjiz.dll Infected: Trojan.Win32.Obfuscated.gx 1
The selected area was scanned.
Here is a new hijack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:39:00 AM, on 8/9/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\lxctcoms.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\MSC\mcshell.exe
C:\Program Files\Trend Micro\HijackThis\vasa129.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.comcast.net/toolbar2.0/search/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://comcast.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.comcast.net/toolbar2.0/search/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) -
http://www.comcastsupport.com/oneclickfix/tgctlsr.cabO16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) -
http://www.phgenit.com/plugin/awarewebp ... wswaxf.cabO16 - DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} (CPlayFirstPiratePoppersControl Object) -
http://playgames.comcast.net/online2/pi ... 0.0.32.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn.com/binFramework/v ... b56649.cabO16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) -
http://onlinedesigner.hgtv.com/images/app/view22rte.cabO16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) -
http://playgames.comcast.net/online2/go ... dfever.cabO16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-l ... cfscan.cabO23 - Service: McAfee Application Installer Cleanup (0003041217980824) (0003041217980824mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\000304~1.EXE (file missing)
O23 - Service: lxct_device - - C:\WINDOWS\System32\lxctcoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 7002 bytes
I will be out of town for the next week. I will respond to you when I get back
Thanks