PDA

View Full Version : core.cache.dsk and core.sys, spybot says I need help!



michael4340
2007-12-28, 21:53
I have followed the instructions in the "before you post" section. Here is where I am at: I have downloaded and ran the anti-virus scan with Kapersky of which I will paste here. I also downloaded and ran HiJack This and will paste the log here as well. Thank you.
Kapersky Scan:
KASPERSKY ONLINE SCANNER REPORT
Friday, December 28, 2007 1:31:17 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 28/12/2007
Kaspersky Anti-Virus database records: 499066
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 108012
Number of viruses found: 46
Number of infected objects: 78
Number of suspicious objects: 2
Duration of the scan process: 01:03:33

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\idb\APP10708.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\idb\MWXFitzgerald\mydb.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\idb\MWXFitzgerald\style.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\idb\MWXFitzgerald\toolbar.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\idb\SNMaster.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\organize\CACHE\mwxfitzgera01 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\organize\mwxfitzgerald Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\organize\mwxfitzgerald.abi Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\organize\mwxfitzgerald.aby Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\ShopAssist\DataStore\global\clientcache.adb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0a\ShopAssist\DataStore\users\MWXFitzgerald.adb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstderr.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstdout.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aoltsmon.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\cache.db Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\server.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip/v1.8.6/wbuninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WebBuyingAssistant.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Michael\Application Data\AOL\C_America Online 9.0a\IDB\Apps.Lst Object is locked skipped
C:\Documents and Settings\Michael\Application Data\AOL\C_America Online 9.0a\IDB\art.idx Object is locked skipped
C:\Documents and Settings\Michael\Application Data\AOL\C_America Online 9.0a\IDB\sap.dat Object is locked skipped
C:\Documents and Settings\Michael\Application Data\AOL\C_America Online 9.0a\IDB\spool.lst Object is locked skipped
C:\Documents and Settings\Michael\Application Data\AOL\C_America Online 9.0a\IDB\sysnews.lst Object is locked skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-4c13895d-7c208eb2.zip/BnnnnBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-4c13895d-7c208eb2.zip/VaannnaaBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-4c13895d-7c208eb2.zip/Bnnnnn.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cnte-dhncgts.jar-4c13895d-7c208eb2.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ehp2_stdneh.jar-42e05065-454493ef.zip/BnnnnBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ehp2_stdneh.jar-42e05065-454493ef.zip/VaannnaaBaa.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ehp2_stdneh.jar-42e05065-454493ef.zip/Bnnnnn.class Infected: Trojan.Java.ClassLoader.as skipped
C:\Documents and Settings\Michael\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ehp2_stdneh.jar-42e05065-454493ef.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Michael\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Michael\Local Settings\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\Michael\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Michael\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Michael\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Michael\Local Settings\Tempmbroit.exe Infected: Trojan-Downloader.Win32.Agent.euw skipped
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\8L4Z0PH6\gamadril20071203[1] Infected: Backdoor.Win32.Agent.dbm skipped
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\XDZ9ST6V\installer[1].exe Infected: Trojan-Spy.Win32.BZub.buz skipped
C:\Documents and Settings\Michael\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Michael\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Michael\p423ck.exe Infected: Trojan-Dropper.Win32.FriJoiner.bg skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Rachel\20450.exe Infected: Packed.Win32.Tibs.dc skipped
C:\Documents and Settings\Rachel\43262.exe Infected: Packed.Win32.Tibs.dc skipped
C:\Documents and Settings\Rachel\957123844.exe Infected: Packed.Win32.Tibs.dc skipped
C:\Documents and Settings\Rachel\957123845.exe Infected: Packed.Win32.Tibs.dc skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\07.exe Infected: Trojan-Dropper.Win32.Agent.chq skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\e15.exe/data0006 Infected: Trojan-Downloader.Win32.VB.bnq skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\e15.exe NSIS: infected - 1 skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\mofugclq.exe Infected: not-a-virus:Downloader.Win32.WinFixer.au skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\qrjatydi.exe Infected: not-a-virus:Downloader.Win32.WinFixer.au skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\serversys.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\svserver.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
C:\Documents and Settings\Rachel\Local Settings\Temp\synpower.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\8DQ7Y56D\pochki20071106[1] Infected: Trojan.Win32.Obfuscated.kp skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\8DQ7Y56D\poiu[1] Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\CVHRQ6ZX\count[1].htm Infected: Trojan-Downloader.JS.Inor.a skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\CVHRQ6ZX\image18[1].gif Infected: not-virus:Hoax.Win32.Renos.hx skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\CVHRQ6ZX\in[1].php Infected: Trojan-Downloader.JS.Psyme.wi skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\CVHRQ6ZX\j[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\CVHRQ6ZX\j[2] Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\Rachel\Local Settings\Temporary Internet Files\Content.IE5\CVHRQ6ZX\version[1].htm Infected: Trojan-Downloader.HTML.IFrame.bu skipped
C:\Documents and Settings\Rachel\p423ck.exe Infected: Trojan-Dropper.Win32.FriJoiner.bg skipped
C:\Program Files\3269.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Common Files\mezo555077.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\Program Files\Common Files\mezo83122.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\Program Files\E404 Helper\e404.v6.dll Infected: Trojan-Downloader.Win32.BHO.bt skipped
C:\Program Files\fahajkxa\nmbqtyja.dll Infected: Trojan-Downloader.Win32.Zlob.enu skipped
C:\Program Files\smss.exe Infected: Trojan-Downloader.Win32.Alphabet.aa skipped
C:\Program Files\spoolsv.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
C:\Program Files\ucleaner_setup.exe Infected: not-a-virus:Downloader.Win32.UltimateFix.e skipped
C:\System Volume Information\_restore{7DC1F5FE-95AB-43DC-9B57-BF0D8BB0D464}\RP55\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\df87173.exe Infected: Trojan-Clicker.Win32.VB.vx skipped
C:\WINDOWS\hg173.exe Infected: Trojan-Clicker.Win32.VB.vx skipped
C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf Object is locked skipped
C:\WINDOWS\Prefetch\DOWNLOAD.EXE-32C1A819.pf Object is locked skipped
C:\WINDOWS\Prefetch\JUCHECK.EXE-3B5CB43D.pf Object is locked skipped
C:\WINDOWS\Prefetch\Layout.ini Object is locked skipped
C:\WINDOWS\Prefetch\LOGON.SCR-24ADF392.pf Object is locked skipped
C:\WINDOWS\Prefetch\MMDIAG.EXE-2CD118AB.pf Object is locked skipped
C:\WINDOWS\Prefetch\MSMSGS.EXE-0620E8B3.pf Object is locked skipped
C:\WINDOWS\Prefetch\OSA.EXE-28494AD2.pf Object is locked skipped
C:\WINDOWS\Prefetch\PORTAOL.EXE-15562F12.pf Object is locked skipped
C:\WINDOWS\Prefetch\READER_SL.EXE-2FCCA463.pf Object is locked skipped
C:\WINDOWS\Prefetch\REALONEMESSAGECENTER.EXE-16665EAB.pf Object is locked skipped
C:\WINDOWS\Prefetch\SHELLRESTART.EXE-2CCF1589.pf Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\AppCert\wnl32.dll Infected: Trojan-Downloader.Win32.Agent.dng skipped
C:\WINDOWS\system32\awabokvb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.bjc skipped
C:\WINDOWS\system32\c1\baslook11.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\WINDOWS\system32\ccmloehe.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.bjc skipped
C:\WINDOWS\system32\cljuljmf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.bjc skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\dgzdosj.bak Infected: Trojan.Win32.Pakes.bpw skipped
C:\WINDOWS\system32\dpnmodemh.1 Infected: Trojan-Spy.Win32.BZub.btx skipped
C:\WINDOWS\system32\dpnmodemh.2 Infected: Trojan.Win32.BHO.yr skipped
C:\WINDOWS\system32\dpnmodemh.3 Infected: Trojan.Win32.BHO.yr skipped
C:\WINDOWS\system32\dpnmodemh.4 Infected: Trojan-Downloader.Win32.Delf.dbo skipped
C:\WINDOWS\system32\dpnmodemh.dll Infected: Trojan.Win32.BHO.agz skipped
C:\WINDOWS\system32\drivers\core.cache.dsk Object is locked skipped
C:\WINDOWS\system32\drivers\core.sys Object is locked skipped
C:\WINDOWS\system32\fmgsnul.dll Infected: not-a-virus:AdWare.Win32.Agent.wx skipped
C:\WINDOWS\system32\ftvno.exe Infected: Trojan.Win32.DNSChanger.hd skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\kernelw.sys Infected: Packed.Win32.Tibs.ap skipped
C:\WINDOWS\system32\krbvih.bak Infected: Trojan.Win32.Pakes.bpw skipped
C:\WINDOWS\system32\lbdhcosv.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.ao skipped
C:\WINDOWS\system32\ludoyrol.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.bjc skipped
C:\WINDOWS\system32\m8\nsts2dll1.exe Infected: Trojan.Win32.Pakes.bvs skipped
C:\WINDOWS\system32\nnnljgg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.atj skipped
C:\WINDOWS\system32\ogwlixis.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.ao skipped
C:\WINDOWS\system32\pmeypqms.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\system32\qisgsrqo.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.ao skipped
C:\WINDOWS\system32\ssqqono.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.azt skipped
C:\WINDOWS\system32\tbnlav.bak Infected: Trojan.Win32.Pakes.bpv skipped
C:\WINDOWS\system32\tqcixpdm.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.ao skipped
C:\WINDOWS\system32\uqupuuwr.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.ao skipped
C:\WINDOWS\system32\wbardpjq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.bjc skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\winccf32.dll Infected: Trojan.Win32.Agent.qt skipped
C:\WINDOWS\system32\wyswfbus.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped
C:\WINDOWS\system32\__c0032139.dat Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\WINDOWS\system32\__c007501.dat Infected: Trojan-Downloader.Win32.Agent.euw skipped
C:\WINDOWS\Temp\mcmsc_Nm5moq3GtZ4zGoX Object is locked skipped
C:\WINDOWS\Temp\mcmsc_PDbvwiLaDKVd3n4 Object is locked skipped
C:\WINDOWS\Temp\win491.tmp.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
C:\WINDOWS\Temp\winCB6.tmp Object is locked skipped
C:\WINDOWS\TWljaGFlbCBGaXR6Z2VyYWxk\asappsrv.dll Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\winuhgn.exe Infected: Trojan-Downloader.Win32.Searcher.f skipped
C:\wsusupd.exe Infected: Trojan-Downloader.Win32.Searcher.f skipped

Scan process completed.

michael4340
2007-12-28, 21:55
Here is the second post. This will be the HiJack This log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:44:16 PM, on 12/28/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\1156010724\ee\AOLSoftware.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\Cool\X_cool.exe
c:\program files\common files\aol\1156010724\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1156010724\ee\aolsoftware.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\America Online 9.0a\shellmon.exe

O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1156010724\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [74e69077] rundll32.exe "C:\WINDOWS\System32\pstsgrdh.dll",b
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Cool - Auto Update.lnk = C:\Program Files\Cool\cool.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15CBD2A7-651D-4B96-8F3B-045349A672FF}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\WindowsUpdate\rterteqo.html

--
End of file - 7067 bytes