-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Monday, April 17, 2006 1:25:26 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 16/04/2006
Kaspersky Anti-Virus database records: 188305
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 90113
Number of viruses found: 77
Number of infected objects: 318
Number of suspicious objects: 0
Duration of the scan process: 01:35:47
Infected Object Name / Virus Name / Last Action
C:\ac2_0003.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b42299-1b463168.zip.bac_a03192/web.exe/WISE0006.BIN Infected: Trojan.Win32.Revop.e skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b42299-1b463168.zip.bac_a03192/web.exe Infected: Trojan.Win32.Revop.e skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b42299-1b463168.zip.bac_a03192 ZIP: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b42299-1b463168.zip.bac_a03192 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b4229a-7d191064.zip.bac_a03192/web.exe/WISE0006.BIN Infected: Trojan.Win32.Revop.e skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b4229a-7d191064.zip.bac_a03192/web.exe Infected: Trojan.Win32.Revop.e skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b4229a-7d191064.zip.bac_a03192 ZIP: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\arc.zip-53b4229a-7d191064.zip.bac_a03192 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\ATPartners.dll.bac_a03192 Infected: not-a-virus:AdWare.Win32.F1Organizer.c skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\audiosrv.exe.bac_a03192 Infected: not-a-virus:AdWare.Win32.IEDriver.a skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cmappclient.exe.bac_a03192 Infected: not-a-virus:AdWare.Win32.CASClient.a skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\CMMan.exe.bac_a03192 Infected: not-a-virus:AdWare.Win32.CASClient.e skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-4adadbdb-6da00139.zip.bac_a03192/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-4adadbdb-6da00139.zip.bac_a03192/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-4adadbdb-6da00139.zip.bac_a03192/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-4adadbdb-6da00139.zip.bac_a03192 ZIP: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-4adadbdb-6da00139.zip.bac_a03192 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-9275328-57c22615.zip.bac_a03192/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-9275328-57c22615.zip.bac_a03192/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-9275328-57c22615.zip.bac_a03192/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-9275328-57c22615.zip.bac_a03192 ZIP: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-9275328-57c22615.zip.bac_a03192 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-bb80bfb-24aabbcb.zip.bac_a03192/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-bb80bfb-24aabbcb.zip.bac_a03192/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-bb80bfb-24aabbcb.zip.bac_a03192/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-bb80bfb-24aabbcb.zip.bac_a03192 ZIP: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\count.jar-bb80bfb-24aabbcb.zip.bac_a03192 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpruninst.exe.bac_a03192/WISE0008.BIN Infected: Trojan-Downloader.Win32.Adroar skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpruninst.exe.bac_a03192/WISE0009.BIN Infected: Trojan-Downloader.Win32.Adroar skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpruninst.exe.bac_a03192 WiseSFX: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpruninst.exe.bac_a03192 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpr_mm2.exe.bac_a03192/WISE0008.BIN Infected: Trojan-Downloader.Win32.Adroar skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpr_mm2.exe.bac_a03192/WISE0009.BIN Infected: Trojan-Downloader.Win32.Adroar skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpr_mm2.exe.bac_a03192 WiseSFX: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\cpr_mm2.exe.bac_a03192 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\i87.tmp.bac_a03192 Infected: Trojan-Downloader.Win32.Totavel.a skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\Iel277g.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache14658.tmp.bac_a03192/Jvb.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache14658.tmp.bac_a03192/MyFunction.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache14658.tmp.bac_a03192/MainApp.class Infected: Trojan.Java.ClassLoader.f skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache14658.tmp.bac_a03192 ZIP: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache14658.tmp.bac_a03192 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache59592.tmp.bac_a03192/Jvb.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache59592.tmp.bac_a03192/MyFunction.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache59592.tmp.bac_a03192/MainApp.class Infected: Trojan.Java.ClassLoader.f skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache59592.tmp.bac_a03192 ZIP: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\jar_cache59592.tmp.bac_a03192 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\javainstaller.jar-31f00109-6ba8e4cf.zip.bac_a03192/javainstaller/InstallerApplet.class Infected: Trojan-Downloader.Java.OpenStream.w skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\javainstaller.jar-31f00109-6ba8e4cf.zip.bac_a03192 ZIP: infected - 1 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\javainstaller.jar-31f00109-6ba8e4cf.zip.bac_a03192 CryptFF.b: infected - 1 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\javainstaller.jar-4514e5ea-3dff9ce9.zip.bac_a03192/javainstaller/InstallerApplet.class Infected: Trojan-Downloader.Java.OpenStream.w skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\javainstaller.jar-4514e5ea-3dff9ce9.zip.bac_a03192 ZIP: infected - 1 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\javainstaller.jar-4514e5ea-3dff9ce9.zip.bac_a03192 CryptFF.b: infected - 1 skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\Leaz.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\mrjj.exe.bac_a03192 Infected: Trojan.Win32.LowZones.am skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\MxjQzK.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\nkamcgj.exe.bac_a03192 Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\oW3jAxR.exe.bac_a03192 Infected: not-a-virus:AdWare.Win32.WinFetcher.e skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\pi1_25.exe.bac_a03192 Infected: Trojan-Downloader.Win32.Small.afq skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\pshwr.exe.bac_a03192 Infected: not-a-virus:AdWare.Win32.SafeSurfing.s skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\qaamazw.exe.bac_a03192 Infected: Trojan-Dropper.Win32.Agent.tb skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\quhyyaa.exe.bac_a03192 Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\s2mg.3.exe.bac_a03192 Infected: Trojan-Dropper.Win32.Agent.tb skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\s3nc.2.exe.bac_a03192 Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\SehNf.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\sj8.4l.exe.bac_a03192 Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\sntaudio.tmp.bac_a03192 Infected: not-a-virus:AdWare.Win32.SafeSurfing.s skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\tfkditt.exe.bac_a03192 Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\time.class-50c9903d-41431860.class.bac_a03192 Infected: Trojan-Downloader.Win32.Small.bhf skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\Uah95H5X.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\Xigzh.exe.bac_a03192 Infected: Trojan.Win32.Small.cy skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\XioVQ8t0.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\Ygi78.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\.housecall\Quarantine\YtawJ.exe.bac_a03192 Infected: Trojan-Downloader.Win32.VB.em skipped
C:\Documents and Settings\Ron Wells\Desktop\Anti-malware\ccsetup126.exe/stream/data0006 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Documents and Settings\Ron Wells\Desktop\Anti-malware\ccsetup126.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\Documents and Settings\Ron Wells\Desktop\Anti-malware\ccsetup126.exe NSIS: infected - 2 skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/dEtaclen.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/dn6o01j3e.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/e020lafm1d2a.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/fpjo0313e.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/g2220cfoef2c0.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/hrls0537e.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/k2pm0c71ef.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/l4r00e9meh.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/lv0u09d9e.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/lv4809hue.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/mvrsl9971.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip/dlls/n8n60i5se8.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Documents and Settings\Ron Wells\Desktop\l2mfix\backup.zip ZIP: infected - 12 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\C4C5B.tmp/slk8x2peu.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\C4C5B.tmp/faotvpap7.exe Infected: Trojan.Win32.Runner.h skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\C4C5B.tmp CAB: infected - 2 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\CampusIMFeb.exe/NewExplorer.exe Infected: Trojan.Win32.VB.aft skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\CampusIMFeb.exe InstallCreator: infected - 1 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\CampusIMFeb.exe UPX: infected - 1 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\f149640.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\f183687.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\f363265.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\f406109.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\f8188812.exe Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\M1_SudokuInstaller.exe/data0006 Infected: Trojan-Dropper.Win32.VB.kk skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\M1_SudokuInstaller.exe NSIS: infected - 1 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Nat2.exe/Explorer.exe Infected: Trojan.Win32.VB.aft skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Nat2.exe/{FBD2EBD0-E6DF-456E-B300-A4D10A90C683}.dll Infected: Trojan.Win32.VB.aft skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Nat2.exe InstallCreator: infected - 2 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Nat2.exe UPX: infected - 2 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Tagasuarus.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Tagasuarus.exe/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Tagasuarus.exe/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Tagasuarus.exe/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\Tagasuarus.exe NSIS: infected - 4 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\transpd.exe/data0002 Infected: not-a-virus:AdWare.Win32.Agent.e skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temp\transpd.exe NSIS: infected - 1 skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temporary Internet Files\Content.IE5\43U5YAC6\MTE3NDI6ODoxNg[1].exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temporary Internet Files\Content.IE5\6G07X6SW\installerwnus[1].exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temporary Internet Files\Content.IE5\6G07X6SW\stub_113_4_0_4_0[1].exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\Documents and Settings\Ron Wells\Local Settings\Temporary Internet Files\Content.IE5\AVIAYFG9\Installer[1].exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\DR140306.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\DR140306.exe NSIS: infected - 1 skipped
C:\drsmartload1.exe Infected: Trojan-Downloader.Win32.Adload.ap skipped
C:\drsmartload45a.exe Infected: Trojan-Downloader.Win32.Adload.an skipped
C:\Installer.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\installerwnus.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\MTE3NDI6ODoxNg.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\mti-hits.exe Infected: not-a-virus:AdWare.Win32.EZula.bn skipped
C:\NNSCAA638.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\A0099535.dll.vir Infected: Trojan-Downloader.Win32.Dyfuca.eg skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Installer.exe.vir Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\MTE3NDI6ODoxNg.exe.2.vir Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\MTE3NDI6ODoxNg.exe.vir Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\MTE3NDI6ODoxNg[1].exe.2.vir Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\MTE3NDI6ODoxNg[1].exe.vir Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Setup93.exe.vir/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Setup93.exe.vir/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Setup93.exe.vir/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Setup93.exe.vir/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Setup93.exe.vir NSIS: infected - 4 skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\SS1001[1].exe.vir Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\stub_113_4_0_4_0.exe.vir Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\stub_113_4_0_4_0[1].exe.vir Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Veracruz.exe.vir/data0002/data0006 Infected: Trojan-Dropper.Win32.VB.kk skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Veracruz.exe.vir/data0002 Infected: Trojan-Dropper.Win32.VB.kk skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Veracruz.exe.vir NSIS: infected - 2 skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Veracruz[1].exe.vir/data0002/data0006 Infected: Trojan-Dropper.Win32.VB.kk skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Veracruz[1].exe.vir/data0002 Infected: Trojan-Dropper.Win32.VB.kk skipped
C:\Program Files\Alwil Software\Avast4\DATA\moved\Veracruz[1].exe.vir NSIS: infected - 2 skipped
C:\Program Files\EQAdvice\equpd.exe/data0002 Infected: not-a-virus:AdWare.Win32.PurityScan.ed skipped
C:\Program Files\EQAdvice\equpd.exe NSIS: infected - 1 skipped
C:\Program Files\EQBranch\EQBranch.exe Infected: not-a-virus:AdWare.Win32.PurityScan.ed skipped
C:\sk02.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\sk02.exe NSIS: infected - 1 skipped
C:\stub_113_4_0_4_0.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP149\A0091326.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP149\A0092326.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP149\A0093326.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP149\A0094326.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP149\A0094492.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095328.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095343.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095344.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095345.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095346.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095347.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095348.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095349.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095350.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095351.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0095352.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP151\A0096551.exe Infected: Trojan-Downloader.Win32.VB.aad skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099554.exe Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099555.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099556.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099557.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099558.exe Infected: Trojan-Dropper.Win32.Agent.hl skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099559.exe/data0002/data0006 Infected: Trojan-Dropper.Win32.VB.kk skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099559.exe/data0002 Infected: Trojan-Dropper.Win32.VB.kk skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099559.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099574.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099580.exe Infected: Trojan-Dropper.Win32.Agent.amf skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099581.exe Infected: Trojan-Dropper.Win32.Agent.amf skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099582.exe Infected: Trojan-Downloader.Win32.Small.cpu skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099583.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099584.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099585.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099586.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099587.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099588.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099589.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099590.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099591.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099592.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099593.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099594.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099595.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099673.exe Infected: Trojan-Downloader.Win32.VB.aad skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099674.exe Infected: Trojan-Downloader.Win32.Adload.ai skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099675.exe Infected: Trojan-Downloader.Win32.Adload.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099676.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099677.exe Infected: Trojan-Downloader.Win32.Agent.agy skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099678.EXE Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099679.dll Infected: not-a-virus:AdWare.Win32.CASClient.g skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099680.exe Infected: Trojan-Downloader.Win32.Dyfuca.ex skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099681.exe Infected: Trojan-Downloader.Win32.PurityScan.au skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099682.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099683.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099683.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099683.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099683.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099683.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099683.exe RarSFX: infected - 5 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099684.dll Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099685.exe Infected: Trojan-Downloader.Win32.VB.zk skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099686.exe Infected: Trojan-Downloader.Win32.VB.zl skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099687.exe Infected: Trojan-Downloader.Win32.VB.zo skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099688.exe Infected: Trojan-Downloader.Win32.VB.zg skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099689.exe Infected: Trojan-Downloader.Win32.VB.aaa skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099690.exe Infected: Trojan-Downloader.Win32.VB.aaf skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099691.exe Infected: Trojan-Clicker.Win32.VB.lv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099692.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099693.exe Infected: Trojan-Clicker.Win32.VB.ly skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099694.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099695.exe Infected: Trojan.Win32.VB.ali skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099696.exe Infected: Trojan-Downloader.Win32.Adload.ae skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099697.exe Infected: Trojan-Downloader.Win32.Adload.ae skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099698.exe Infected: Trojan-Downloader.Win32.Adload.ae skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099699.exe Infected: Trojan-Downloader.Win32.Adload.ae skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099700.exe Infected: Trojan-Downloader.Win32.Adload.ae skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099701.exe Infected: Trojan-Downloader.Win32.VB.aaf skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099702.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099703.exe Infected: not-a-virus:AdWare.Win32.Suggestor.o skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099704.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.n skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099705.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099706.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099707.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099708.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099709.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099710.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099711.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099712.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099713.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099714.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099715.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099716.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099717.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099718.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099719.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099720.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099721.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099722.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099723.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099724.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099725.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099726.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099727.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099728.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099729.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099730.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099731.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099732.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099733.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099734.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099736.dll Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP153\A0099737.dll Infected: not-a-virus:AdWare.Win32.Suggestor.o skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP154\A0099762.dll Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP154\A0099771.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP154\A0099772.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP154\A0099774.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP154\A0099776.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP156\A0101762.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP158\A0103831.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP158\A0103859.exe Infected: Trojan-Downloader.Win32.TSUpdate.o skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP158\A0103860.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP158\A0103861.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP158\A0104831.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP159\A0104847.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP159\A0104848.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP159\A0104850.exe Infected: Trojan-Downloader.Win32.Qoologic.at skipped
C:\System Volume Information\_restore{1751CA3E-67C9-4457-8832-B2DD7963CD78}\RP159\A0104851.dll Infected: not-a-virus:AdWare.Win32.NewDotNet.i skipped
C:\visfx500.exe Infected: Trojan-Dropper.Win32.Agent.aie skipped
C:\WHCC2.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\WHCC2.exe/data.rar/whSurvey.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\WHCC2.exe/data.rar/webhdll.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\WHCC2.exe/data.rar/whiehlpr.dll Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\WHCC2.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\WHCC2.exe RarSFX: infected - 5 skipped
C:\WINDOWS\errorhandler.exe Infected: Trojan-Downloader.Win32.VB.nw skipped
C:\WINDOWS\keyboard10.exe Infected: Trojan-Downloader.Win32.Adload.am skipped
C:\WINDOWS\keyboard11.exe Infected: Backdoor.Win32.VB.ary skipped
C:\WINDOWS\mousepad10.exe Infected: Trojan-Clicker.Win32.VB.mo skipped
C:\WINDOWS\mousepad11.exe Infected: Trojan-Clicker.Win32.VB.mo skipped
C:\WINDOWS\mousepad9.exe Infected: Trojan-Clicker.Win32.VB.mo skipped
C:\WINDOWS\NDNuninstall6_38.exe Infected: not-a-virus:AdWare.Win32.NewDotNet skipped
C:\WINDOWS\NDNuninstall7_22.exe Infected: not-a-virus:AdWare.Win32.NewDotNet.e skipped
C:\WINDOWS\newname10.exe Infected: Trojan-Downloader.Win32.Adload.ae skipped
C:\WINDOWS\newname11.exe Infected: Trojan-Downloader.Win32.Adload.ae skipped
C:\WINDOWS\pf78.exe/data0002 Infected: Trojan-Downloader.Win32.VB.tw skipped
C:\WINDOWS\pf78.exe/data0003 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0006 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe/data0007 Infected: Trojan.Win32.VB.tg skipped
C:\WINDOWS\pf78.exe NSIS: infected - 4 skipped
C:\WINDOWS\pf78bb.exe/data0002 Infected: Trojan-Clicker.Win32.Small.jf skipped
C:\WINDOWS\pf78bb.exe NSIS: infected - 1 skipped
C:\WINDOWS\SS1001.exe Infected: Trojan-Dropper.Win32.Small.qn skipped
C:\WINDOWS\system32\BMG3b.exe/{8110581C-FEA4-47AC-ADBC-DE958DD0F354}.dll Infected: Trojan.Win32.VB.aft skipped
C:\WINDOWS\system32\BMG3b.exe InstallCreator: infected - 1 skipped
C:\WINDOWS\system32\BMG3b.exe UPX: infected - 1 skipped
C:\WINDOWS\system32\dmonwv.dll Infected: Trojan-Downloader.Win32.Agent.agw skipped
C:\WINDOWS\system32\dwdsregt.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m skipped
C:\WINDOWS\system32\fpdrnznx.dll Infected: not-a-virus:AdWare.Win32.Suggestor.o skipped
C:\WINDOWS\system32\owinrrag.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.n skipped
C:\WINDOWS\system32\qqdsregl.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m skipped
C:\WINDOWS\system32\w004a092.dll Infected: Trojan-Downloader.Win32.Agent.ahv skipped
C:\WINDOWS\system32\xdcjx.dat Infected: Trojan-Downloader.Win32.Qoologic.bj skipped
C:\WINDOWS\Temp\_avast4_\PxB543.tmp Infected: Trojan-Downloader.Win32.Qoologic.ax skipped
C:\WINDOWS\zlmavrvA.exe Infected: Trojan-Clicker.Win32.VB.ij skipped
C:\ZICORN001.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.m skipped
Scan process completed.
Mon 04/17/2006
Running from: C:\Documents and Settings\Ron Wells\Desktop\FindQool\FindQool
PLEASE NOTE: LEGIT FILES MIGHT BE LISTED. IF YOU ARE UNSURE OF WHAT IS LISTED LEAVE THEM ALONE.
Known file names
C:\WINDOWS\SYSTEM32\DMONWV.DLL
C:\WINDOWS\UNWN.EXE
MD5 Check....
C:\WINDOWS\system32\dmonwv.dll
C:\WINDOWS\system32\xdcjx.dat
C:\WINDOWS\system32\sgngmd.exe
C:\WINDOWS\system32\jpekm.exe
C:\WINDOWS\system32\ynngely.dll
C:\WINDOWS\system32\tklowin.exe
Files found with locate com.
C:\WINDOWS\SYSTEM32\TKLOWIN.EXE
C:\WINDOWS\SYSTEM32\YNNGELY.DLL
C:\WINDOWS\SYSTEM32\XDCJX.DAT
C:\WINDOWS\SYSTEM32\SGNGMD.EXE
C:\WINDOWS\SYSTEM32\JPEKM.EXE
C:\DOCUME~1\ALLUSE~1\STARTM~1\PROGRAMS\STARTUP\KNYHS.EXE
Re-check using dir /a:-d
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
03/19/2006 04:11 PM 127,488 knyhs.exe
...
HKEY_LOCAL_MACHINE\software\qstat
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{4abf810a-f11d-4169-9d5f-7d274f2270a1}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\webnexus
HKEY_LOCAL_MACHINE\software\classes\folder\shellex\columnhandlers\{ce3a44d8-bc88-4d62-a890-42d96245f8d6}
...
Runs, Listed here as a Doublecheck for the locate com results
HKLM
"rwrxmb"="C:\\WINDOWS\\system32\\sgngmd.exe reg_run"
HKCU
"otyyn"="C:\\WINDOWS\\system32\\sgngmd.exe reg_run"
...
Files In Winlogon shell and userinit
Listed here as a Doublecheck for the locate com results
shell REG_SZ Explorer.exe, C:\WINDOWS\system32\jpekm.exe
userinit REG_SZ userinit.exe,tklowin.exe
...
SWReg utility
Written by Bobbi Flekman © 2005
Findqool edited 4/05/2006
Logfile of HijackThis v1.99.1
Scan saved at 4:09:02 PM, on 4/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\windows\mousepad11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\zlmavrvA.exe
C:\WINDOWS\errorhandler.exe
C:\windows\system32\qqdsregl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\owinrrag.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ron Wells\Desktop\Anti-malware\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\jpekm.exe
F2 - REG:system.ini: UserInit=userinit.exe,tklowin.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HtFG] C:\WINDOWS\sfmywm.exe
O4 - HKLM\..\Run: [SaferScan] C:\Program Files\SaferScan\saferscan.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard11.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad11.exe
O4 - HKLM\..\Run: [newname] C:\windows\newname11.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whsurvey.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [w002ce33.dll] RUNDLL32.EXE w002ce33.dll,I2 00009f1a0002ce33
O4 - HKLM\..\Run: [zlmavrvA] C:\WINDOWS\zlmavrvA.exe
O4 - HKLM\..\Run: [errorhandler] C:\WINDOWS\errorhandler.exe
O4 - HKLM\..\Run: [w00164fe.dll] RUNDLL32.EXE w00164fe.dll,I2 00009f1a000164fe
O4 - HKLM\..\Run: [w0019e6d.dll] RUNDLL32.EXE w0019e6d.dll,I2 00009f1a00019e6d
O4 - HKLM\..\Run: [w002f61e.dll] RUNDLL32.EXE w002f61e.dll,I2 00009f1a0002f61e
O4 - HKLM\..\Run: [w001e54a.dll] RUNDLL32.EXE w001e54a.dll,I2 00009f1a0001e54a
O4 - HKLM\..\Run: [w0026690.dll] RUNDLL32.EXE w0026690.dll,I2 00009f1a00026690
O4 - HKLM\..\Run: [w0014178.dll] RUNDLL32.EXE w0014178.dll,I2 00009f1a00014178
O4 - HKLM\..\Run: [w0026bef.dll] RUNDLL32.EXE w0026bef.dll,I2 00009f1a00026bef
O4 - HKLM\..\Run: [w0012f39.dll] RUNDLL32.EXE w0012f39.dll,I2 00009f1a00012f39
O4 - HKLM\..\Run: [w006b8d3.dll] RUNDLL32.EXE w006b8d3.dll,I2 00009f1a0006b8d3
O4 - HKLM\..\Run: [w001a999.dll] RUNDLL32.EXE w001a999.dll,I2 00009f1a0001a999
O4 - HKLM\..\Run: [w001d26e.dll] RUNDLL32.EXE w001d26e.dll,I2 00009f1a0001d26e
O4 - HKLM\..\Run: [w0015ea5.dll] RUNDLL32.EXE w0015ea5.dll,I2 00009f1a00015ea5
O4 - HKLM\..\Run: [w0016184.dll] RUNDLL32.EXE w0016184.dll,I2 00009f1a00016184
O4 - HKLM\..\Run: [w00253f2.dll] RUNDLL32.EXE w00253f2.dll,I2 00009f1a000253f2
O4 - HKLM\..\Run: [w001f42e.dll] RUNDLL32.EXE w001f42e.dll,I2 00009f1a0001f42e
O4 - HKLM\..\Run: [w0032dc8.dll] RUNDLL32.EXE w0032dc8.dll,I2 00009f1a00032dc8
O4 - HKLM\..\Run: [w001ee72.dll] RUNDLL32.EXE w001ee72.dll,I2 00009f1a0001ee72
O4 - HKLM\..\Run: [w001dd6a.dll] RUNDLL32.EXE w001dd6a.dll,I2 00009f1a0001dd6a
O4 - HKLM\..\Run: [w0018c9b.dll] RUNDLL32.EXE w0018c9b.dll,I2 00009f1a00018c9b
O4 - HKLM\..\Run: [w001651d.dll] RUNDLL32.EXE w001651d.dll,I2 00009f1a0001651d
O4 - HKLM\..\Run: [w00190d1.dll] RUNDLL32.EXE w00190d1.dll,I2 00009f1a000190d1
O4 - HKLM\..\Run: [w0018c5c.dll] RUNDLL32.EXE w0018c5c.dll,I2 00009f1a00018c5c
O4 - HKLM\..\Run: [w0012b7f.dll] RUNDLL32.EXE w0012b7f.dll,I2 00009f1a00012b7f
O4 - HKLM\..\Run: [w0040423.dll] RUNDLL32.EXE w0040423.dll,I2 00009f1a00040423
O4 - HKLM\..\Run: [w0012d16.dll] RUNDLL32.EXE w0012d16.dll,I2 00009f1a00012d16
O4 - HKLM\..\Run: [w001628d.dll] RUNDLL32.EXE w001628d.dll,I2 00009f1a0001628d
O4 - HKLM\..\Run: [w001c54e.dll] RUNDLL32.EXE w001c54e.dll,I2 00009f1a0001c54e
O4 - HKLM\..\Run: [w000f8f6.dll] RUNDLL32.EXE w000f8f6.dll,I2 00009f1a0000f8f6
O4 - HKLM\..\Run: [{3C-C5-55-5B-ZN}] C:\windows\system32\qqdsregl.exe CORN001
O4 - HKLM\..\Run: [w004a092.dll] RUNDLL32.EXE w004a092.dll,I2 00009f1a0004a092
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\system32\owinrrag.exe CORN001
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [EQBranch] "C:\Program Files\EQBranch\EQBranch.exe"
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\owinrrag.exe
O4 - Startup: Z_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.elitemediagroup.net
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {CEA53356-C414-4331-A35E-AA4CE9D8DFA2} - C:\WINDOWS\system32\w9seq.dll
O20 - AppInit_DLLs: dkmdbifa.dll,Runner.dll,Runner.dll,pceghlfh.dll,EQMini.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\shecli.dll (file missing)
O20 - Winlogon Notify: DH - C:\WINDOWS\system32\sUfrdm.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\lv4809hue.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Curtains for Windows System Service (CurtainsSysSvc) - Authentium, Inc. - c:\program files\comcast\security manager\app\CurtainsSysSvcNt.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe