MY H AND I DRIVES ARE IPODS... I FORMATTED THEM WITH THE INBUILT FORMAT FUNCTION WITHIN THE IPOD... SO I WILL NO LONGER CONNECT THEM TO MY PC UNTIL IT'S CLEANED.
NOW NAV 2007 POPS UP TROJANS SECURITY RISKS
HERE IS THE SYSCLEAN LOG:
/--------------------------------------------------------------\
| Trend Micro System Cleaner |
| Copyright 2006, Trend Micro, Inc. |
| http://www.antivirus.com |
\--------------------------------------------------------------/
2008-01-21, 10:54:35, Auto-clean mode specified.
2008-01-21, 10:54:35, Running scanner "C:\Documents and Settings\B h a r a t\Desktop\Sysclean\TSC.BIN"...
2008-01-21, 10:57:23, Scanner "C:\Documents and Settings\B h a r a t\Desktop\Sysclean\TSC.BIN" has finished running.
2008-01-21, 10:57:23, TSC Log:
2008-01-21, 10:57:27, An error was detected on "C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\*.*": Access is denied.
2008-01-21, 10:57:27, An error was detected on "C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\*.*": Access is denied.
2008-01-21, 10:57:57, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2008-01-21, 10:58:16, An error was detected on "D:\System Volume Information\*.*": Access is denied.
2008-01-21, 11:23:11, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/21/2008 10:58:18
VSAPI Engine Version : 8.500-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 951 (249931 Patterns) (2008/01/17) (495100)
Command Line: C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\B h a r a t\Desktop\Sysclean
C:\RECYCLER\S-1-5-21-839522115-57989841-1801674531-1003\Dc21\Quarantine\H\autorun.inf.vir [Possible_Otorun1]
28957 files have been read.
28957 files have been checked.
28928 files have been scanned.
67222 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/21/2008 11:23:09
---------*---------*---------*---------*---------*---------*---------*---------*
2008-01-21, 11:23:11, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/21/2008 10:58:17
VSAPI Engine Version : 8.500-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 951 (249931 Patterns) (2008/01/17) (495100)
Command Line: C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\B h a r a t\Desktop\Sysclean
28957 files have been read.
28957 files have been checked.
28928 files have been scanned.
67222 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/21/2008 11:23:09 24 minutes 50 seconds (1490.20 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2008-01-21, 11:23:11, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/21/2008 10:58:17
VSAPI Engine Version : 8.500-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 951 (249931 Patterns) (2008/01/17) (495100)
Command Line: C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\B h a r a t\Desktop\Sysclean
28957 files have been read.
28957 files have been checked.
28928 files have been scanned.
67222 files have been scanned. (including files in archived)
1 files containing viruses.
Found 1 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/21/2008 11:23:09 24 minutes 50 seconds (1490.20 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2008-01-21, 11:23:11, Scanner "C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN" has finished running.
2008-01-21, 11:36:21, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/21/2008 11:23:12
VSAPI Engine Version : 8.500-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 951 (249931 Patterns) (2008/01/17) (495100)
Command Line: C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\B h a r a t\Desktop\Sysclean
3103 files have been read.
3103 files have been checked.
3102 files have been scanned.
18335 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/21/2008 11:36:17
---------*---------*---------*---------*---------*---------*---------*---------*
2008-01-21, 11:36:21, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/21/2008 11:23:12
VSAPI Engine Version : 8.500-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 951 (249931 Patterns) (2008/01/17) (495100)
Command Line: C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\B h a r a t\Desktop\Sysclean
3103 files have been read.
3103 files have been checked.
3102 files have been scanned.
18335 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/21/2008 11:36:17 13 minutes 4 seconds (783.58 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2008-01-21, 11:36:21, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 1/21/2008 11:23:12
VSAPI Engine Version : 8.500-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 951 (249931 Patterns) (2008/01/17) (495100)
Command Line: C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\B h a r a t\Desktop\Sysclean
3103 files have been read.
3103 files have been checked.
3102 files have been scanned.
18335 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 1/21/2008 11:36:17 13 minutes 4 seconds (783.58 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2008-01-21, 11:36:21, Scanner "C:\Documents and Settings\B h a r a t\Desktop\Sysclean\VSCANTM.BIN" has finished running.
--------------------------------------------------------------------------------------------------------------------
HERE IS THE COMBOFIX LOG:
ComboFix 08-01-23.1 - B h a r a t 2008-01-23 13:09:41.12 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.129 [GMT -8:00]
Running from: C:\Documents and Settings\B h a r a t\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\B h a r a t\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
C:\uxdeiect.com
D:\uxdeiect.com
E:\uxdeiect.com
F:\uxdeiect.com
G:\uxdeiect.com
.
((((((((((((((((((((((((( Files Created from 2007-12-23 to 2008-01-23 )))))))))))))))))))))))))))))))
.
2008-01-23 13:08 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-23 07:17 . 2008-01-23 07:21 <DIR> d-------- C:\Program Files\Norton AntiVirus
2008-01-23 07:16 . 2008-01-23 07:19 <DIR> d-------- C:\Program Files\Symantec
2008-01-23 07:16 . 2008-01-23 07:19 115,000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-01-23 07:16 . 2008-01-23 07:19 48,776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-01-23 07:16 . 2008-01-23 07:19 8,014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-01-23 07:16 . 2008-01-23 07:19 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-01-23 06:45 . 2008-01-23 11:58 16 --a------ C:\WINDOWS\system32\coh.cache
2008-01-23 05:18 . 2007-04-23 02:15 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-23 05:17 . 2008-01-23 05:18 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-22 14:18 . 2008-01-22 14:18 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2008-01-22 04:04 . 2008-01-23 05:50 <DIR> d--hs---- C:\INCINERATE
2008-01-22 03:41 . 2008-01-23 12:54 1,399 --a------ C:\WINDOWS\SysMech6.INI
2008-01-22 03:37 . 2008-01-22 03:37 <DIR> d-------- C:\Program Files\iolo
2008-01-22 03:37 . 2006-12-20 17:48 1,212,416 --a------ C:\WINDOWS\system32\Incinerator.dll
2008-01-22 03:37 . 2006-03-28 01:54 41,472 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2008-01-22 03:37 . 2005-09-12 13:20 25,264 --a------ C:\WINDOWS\system32\smrgdf.exe
2008-01-22 03:37 . 2006-03-28 01:54 9,341 --a------ C:\WINDOWS\system32\drivers\filedisk.sys
2008-01-21 14:11 . 2008-01-21 14:11 <DIR> d-------- C:\Program Files\CCleaner
2008-01-21 11:50 . 2006-09-25 17:58 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-21 04:16 . 2008-01-21 04:16 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-01-20 13:02 . 2008-01-21 00:17 <DIR> d-------- C:\Program Files\LeechGet 2004
2008-01-18 07:37 . 2008-01-18 07:38 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-01-18 07:37 . 2008-01-18 07:37 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-01-18 04:06 . 2008-01-18 04:06 0 --a------ C:\WINDOWS\PowerReg.dat
2008-01-18 04:04 . 2008-01-18 04:04 <DIR> d-------- C:\Program Files\NovaLogic
2008-01-18 04:03 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-01-12 02:19 . 2008-01-12 02:19 <DIR> d-------- C:\Program Files\Camfrog
2008-01-11 22:24 . 2008-01-11 22:24 <DIR> d-------- C:\WINDOWS\PaltalkScene
2008-01-11 22:24 . 2008-01-18 11:44 <DIR> d-------- C:\Program Files\Paltalk Messenger
2008-01-11 22:15 . 2004-05-11 08:14 719,872 --a------ C:\WINDOWS\system32\devil.dll
2008-01-11 22:15 . 2006-05-11 18:32 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-01-11 22:15 . 2006-12-12 14:15 471,552 --a------ C:\WINDOWS\system32\Smab.dll
2008-01-11 22:15 . 2006-11-12 13:44 306,688 --a------ C:\WINDOWS\system32\avisynth.dll
2008-01-11 22:15 . 2005-11-10 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-01-11 22:15 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-01-11 22:15 . 2004-01-03 00:08 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-01-11 22:15 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-01-11 22:15 . 2005-07-11 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-01-11 02:09 . 2008-01-11 02:09 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-01-09 22:36 . 2008-01-09 22:36 <DIR> d-------- C:\Program Files\Broadcom
2008-01-09 22:36 . 2006-11-21 04:25 45,568 -ra------ C:\WINDOWS\system32\drivers\bcm4sbxp.sys
2008-01-09 11:19 . 2007-10-30 09:20 360,064 -----c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2008-01-09 08:43 . 2004-07-13 20:16 139,264 --a------ C:\WINDOWS\system32\UStorSrv.exe
2008-01-09 08:43 . 2004-07-26 02:34 139,264 --a------ C:\WINDOWS\system32\OPDSL.DLL
2008-01-05 23:32 . 2008-01-05 23:32 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-05 02:12 . 2008-01-05 02:12 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-01-05 01:45 . 2008-01-05 01:45 <DIR> d-------- C:\Program Files\eRightSoft
2008-01-04 03:13 . 2008-01-04 03:13 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-12-25 09:52 . 2007-12-25 09:53 <DIR> d-------- C:\Program Files\Yahoo!
2007-12-23 13:39 . 2007-12-23 13:39 <DIR> d-------- C:\Program Files\LimeWire
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-23 16:34 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-11 11:22 --------- d-----w C:\Program Files\WebcamMax
2007-12-22 09:46 --------- d-----w C:\Program Files\DIFX
2007-12-22 09:45 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-12-22 09:45 --------- d-----w C:\Program Files\Nokia
2007-12-22 09:45 --------- d-----w C:\Program Files\Common Files\PCSuite
2007-12-22 09:45 --------- d-----w C:\Program Files\Common Files\Nokia
2007-12-16 08:28 --------- d-----w C:\Program Files\Common Files\Ahead
2007-12-16 08:28 --------- d-----w C:\Program Files\Ahead
2007-12-14 11:01 --------- d-----w C:\Program Files\MSXML 4.0
2007-12-13 18:15 --------- d-----w C:\Program Files\Java
2007-12-13 16:46 --------- d-----w C:\Program Files\Common Files\Java
2007-12-11 16:49 --------- d-----w C:\Program Files\Real
2007-12-11 16:49 --------- d-----w C:\Program Files\Common Files\xing shared
2007-12-11 16:49 --------- d-----w C:\Program Files\Common Files\Real
2007-12-11 15:03 --------- d-----w C:\Program Files\MSXML 6.0
2007-12-11 14:28 --------- d-----w C:\Program Files\Windows Live
2007-12-10 18:20 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-10 14:16 --------- d-----w C:\Program Files\Microsoft LifeCam
2007-12-10 12:42 --------- d-----w C:\Program Files\Dell Support
2007-12-10 11:44 --------- d-----w C:\Program Files\eLitecore
2007-12-10 10:14 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-12-10 09:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-10 09:34 --------- d-----w C:\Program Files\SigmaTel
2007-12-10 09:33 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-10 09:31 5 ----a-w C:\WINDOWS\system32\drivers\DELL__.MRK
2007-12-10 09:31 5 ----a-w C:\WINDOWS\system32\drivers\1028_DELL__.MRK
2007-12-10 09:30 --------- d-----w C:\Program Files\Dell
2007-12-10 08:54 --------- d--h--w C:\Program Files\Uninstall Information
2007-12-10 08:48 --------- d-----w C:\Program Files\microsoft frontpage
2007-12-10 08:42 --------- d-----w C:\Program Files\Microsoft Games
2007-12-10 08:41 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-12-10 08:41 --------- d-----w C:\Program Files\Microsoft PowerToys
2007-12-10 08:41 --------- d-----w C:\Program Files\HashTab Shell Extension
2007-11-07 09:50 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-06 17:20 831,048 ----a-w C:\WINDOWS\system32\WudfUpdate_01005.dll
2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-28 01:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 10:26 15360]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe" [2006-12-20 17:47 557056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX6000"="C:\WINDOWS\vVX6000.exe" [2006-06-29 15:55 994096]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-11 08:49 180269]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 10:29 115816]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2007-01-14 11:41 771704]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []
C:\Documents and Settings\B h a r a t\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2007-08-16 14:07:08 147456]
R0 ENO;ENO;C:\WINDOWS\system32\drivers\ENO.sys [2003-10-22 12:57]
R2 CamthWDM;WebcamMax, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2006-07-02 22:39]
S3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver;C:\WINDOWS\system32\DRIVERS\bcm42xx5.sys [2001-08-17 12:11]
S3 BCM44X2;BCM 10/100 Ethernet Network Adapter Driver;C:\WINDOWS\system32\DRIVERS\BCM4E5.SYS [2001-08-17 12:11]
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 VX6000;Microsoft LifeCam VX-6000;C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys [2006-06-29 15:56]
*Newly Created Service* - AUTOMATIC_LIVEUPDATE_SCHEDULER
*Newly Created Service* - CCEVTMGR
*Newly Created Service* - CCSETMGR
*Newly Created Service* - CLTNETCNSERVICE
*Newly Created Service* - LIVEUPDATE
*Newly Created Service* - NAVENG
*Newly Created Service* - NAVEX15
*Newly Created Service* - SPBBCDRV
*Newly Created Service* - SRTSP
*Newly Created Service* - SRTSPX
*Newly Created Service* - SYMANTEC_CORE_LC
*Newly Created Service* - SYMAPPCORE
*Newly Created Service* - SYMEVENT
.
Contents of the 'Scheduled Tasks' folder
"2008-01-23 15:22:19 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - B h a r a t.job"
- C:\Program Files\Norton AntiVirus\Navw32.exeh/TASK:
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-23 13:11:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-23 13:12:26
.
2008-01-09 23:09:47 --- E O F ---
--------------------------------------------------------------------------------------------------------------------
HERE IS THE HIJACKTHIS LOG:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:14, on 2008-01-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\vVX6000.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\LeechGet 2004\LeechGet.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\B h a r a t\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: 24Online Client.lnk = C:\Program Files\eLitecore\Cyberoam Client for 24Online\CyberoamClient.exe
O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2004\\AddUrl.html
O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2004\\Wizard.html
O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2004\\Parser.html
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C19D9DE2-DD61-4577-9B1A-0648D1B03F44}: NameServer = 172.16.77.254
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 6112 bytes
---------------------------------------------------------------------------------------------------------------------