View Full Version : Virus and frustration!



ANDKAT
2008-03-27, 20:34
Hi
I am having trouble with my PC. I thought I had a virus; however, after running a Kaspersky scan I appear to have about 15.
I have listed the HJT scan below, but the Kaspersky one is huge and keeps locking my PC when I try to add it to this post.
Can anyone advise me on these issues, please?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:22, on 27/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
D:\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\cjb\cjb.exe
C:\Program Files\tmp126628906.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavBckPT.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\freecell.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/radio2/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.TISCALI.CO.UK
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - C:\WINDOWS\system32\ISECUR~1.CPL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O2 - BHO: cj helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\IE Extensions\cj.v2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [WinPatrol] c:\HIJACK~1\winpatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [cbj] C:\Program Files\cjb\cjb.exe
O4 - HKLM\..\Run: [explorer] C:\Program Files\tmp126628906.exe
O4 - HKLM\..\Run: [iSecurity applet] rundll32.exe iSecurity.cpl,SecurityMonitor
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Registration The Settlers II - 10th Anniversary.LNK = D:\Ubisoft\Funatics\The Settlers II - 10th Anniversary\bin\RegistrationReminder.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk/
O16 - DPF: LotusMenu - https://scouts.org.uk/wps/menu/menudisp.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/UK/install.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146580906515
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.com/hostedimages/activex/xupload/XUpload.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - AppInit_DLLs: iSecurity.cpl
O21 - SSODL: VolumePrx - {71888d39-e4f7-472f-a181-7947bd43fada} - C:\WINDOWS\Installer\{71888d39-e4f7-472f-a181-7947bd43fada}\VolumePrx.dll
O21 - SSODL: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - C:\WINDOWS\system32\ISECUR~1.CPL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
O23 - Service: ptssvc - Unknown owner - C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe

--
End of file - 12564 bytes

ANDKAT
2008-03-28, 10:02
I have tried to add the Kaspersky log to this page again today. It seems huge after looking at some on here; it just seems to lock everything and won't upload. Is there some other way of doing things?
Thanks in advance

ANDKAT
2008-03-29, 22:42
Managed to get the start of the Kaspersky scan and the bit at the end that says things are infected. I don't know if this is any use, but it seems to be getting worse, i.e. crashing and locking.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, March 27, 2008 6:57:01 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 27/03/2008
Kaspersky Anti-Virus database records: 667041
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 220276
Number of viruses found: 16
Number of infected objects: 255
Number of suspicious objects: 0
Duration of the scan process: 01:41:34







ANDKAT
2008-03-29, 22:43

Scan process completed.

Shaba
2008-04-01, 14:42
Hi ANDKAT

We first need to disable TeaTimer so that it doesn't interfere with fixes. You can re-enable it when you're clean again:

1. Run Spybot-S&D in Advanced Mode.
2. If it is not already set to do this, go to the Mode menu and select "Advanced Mode"
3. On the left hand side, click on Tools
4. Then click on the Resident Icon in the List
5. Uncheck "Resident TeaTimer" and OK any prompts.
6. Restart your computer.

1. Download combofix from any of these links and save it to Desktop:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)

**Note: It is important that it is saved directly to your desktop**

2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you (C:\ComboFix.txt). Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more than 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

If you have problems with Combofix usage, see here (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

Post:

- a fresh HijackThis log
- combofix report

ANDKAT
2008-04-02, 19:43
Hi Shaba
Thanks for replying. The ComboFix (split over two pages) and HJT logs are below.
Also combofix froze at one point and I had to end task on regsvr32.exe to make it continue.
The other thing is I am now unable to connect to the internet and I am having to use the wife's laptop.

Thanks in advance
Andy

ComboFix 08-04-01.2 - User 2008-04-02 17:58:16.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.480 [GMT 1:00]
Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\ucleaner_setup.exe
C:\WINDOWS\Installer\{71888d39-e4f7-472f-a181-7947bd43fada}
C:\WINDOWS\Installer\{71888d39-e4f7-472f-a181-7947bd43fada}\VolumePrx.dll

.
((((((((((((((((((((((((( Files Created from 2008-03-02 to 2008-04-02 )))))))))))))))))))))))))))))))
.

2008-04-02 12:35 . 2008-04-02 12:35 16,468 --a------ C:\Program Files\tmp53343343.exe
2008-04-02 09:27 . 2008-04-02 16:32 <DIR> d--h----- C:\WINDOWS\system32\.78eca999
2008-04-02 09:25 . 2008-04-02 09:25 192 --a------ C:\Program Files\tmp41946265.exe
2008-04-02 09:23 . 2008-04-02 09:23 192 --a------ C:\Program Files\tmp41823890.exe
2008-04-02 09:20 . 2008-04-02 09:20 192 --a------ C:\Program Files\tmp41669906.exe
2008-04-02 09:14 . 2008-04-02 09:14 204 --a------ C:\Program Files\tmp41300843.exe
2008-04-02 09:12 . 2008-04-02 09:12 192 --a------ C:\Program Files\tmp41164781.exe
2008-04-02 09:09 . 2008-04-02 09:09 192 --a------ C:\Program Files\tmp40954656.exe
2008-04-02 09:08 . 2008-04-02 09:08 192 --a------ C:\Program Files\tmp40945312.exe
2008-04-02 09:01 . 2008-04-02 09:01 192 --a------ C:\Program Files\tmp40496812.exe
2008-04-02 08:56 . 2008-04-02 08:56 192 --a------ C:\Program Files\tmp40211328.exe
2008-04-02 08:54 . 2008-04-02 08:54 192 --a------ C:\Program Files\tmp40087390.exe
2008-04-02 08:53 . 2008-04-02 08:53 192 --a------ C:\Program Files\tmp40034796.exe
2008-04-02 08:50 . 2008-04-02 08:50 192 --a------ C:\Program Files\tmp39847406.exe
2008-04-02 07:08 . 2008-04-02 07:08 192 --a------ C:\Program Files\tmp33720281.exe
2008-04-02 07:06 . 2008-04-02 07:06 192 --a------ C:\Program Files\tmp33588203.exe
2008-04-02 07:04 . 2008-04-02 07:04 204 --a------ C:\Program Files\tmp33488859.exe
2008-04-02 07:04 . 2008-04-02 07:04 204 --a------ C:\Program Files\tmp33476703.exe
2008-04-02 07:04 . 2008-04-02 07:04 192 --a------ C:\Program Files\tmp33466531.exe
2008-04-02 07:04 . 2008-04-02 07:04 192 --a------ C:\Program Files\tmp33457218.exe
2008-04-02 07:03 . 2008-04-02 07:03 204 --a------ C:\Program Files\tmp33448218.exe
2008-04-02 07:01 . 2008-04-02 07:01 204 --a------ C:\Program Files\tmp33327843.exe
2008-04-02 06:58 . 2008-04-02 06:58 192 --a------ C:\Program Files\tmp33108937.exe
2008-04-02 06:57 . 2008-04-02 06:57 192 --a------ C:\Program Files\tmp33049093.exe
2008-04-02 06:53 . 2008-04-02 06:53 192 --a------ C:\Program Files\tmp32824593.exe
2008-04-02 06:51 . 2008-04-02 06:51 192 --a------ C:\Program Files\tmp32682250.exe
2008-04-01 23:31 . 2008-04-01 23:31 192 --a------ C:\Program Files\tmp6327234.exe
2008-04-01 23:31 . 2008-04-01 23:31 192 --a------ C:\Program Files\tmp6316828.exe
2008-04-01 23:30 . 2008-04-01 23:30 192 --a------ C:\Program Files\tmp6222421.exe
2008-04-01 23:30 . 2008-04-01 23:30 192 --a------ C:\Program Files\tmp6212546.exe
2008-04-01 23:29 . 2008-04-01 23:29 204 --a------ C:\Program Files\tmp6203343.exe
2008-04-01 23:29 . 2008-04-01 23:29 192 --a------ C:\Program Files\tmp6194015.exe
2008-04-01 23:29 . 2008-04-01 23:29 192 --a------ C:\Program Files\tmp6184031.exe
2008-04-01 23:29 . 2008-04-01 23:29 192 --a------ C:\Program Files\tmp6174468.exe
2008-04-01 23:26 . 2008-04-01 23:26 192 --a------ C:\Program Files\tmp6005171.exe
2008-04-01 23:24 . 2008-04-01 23:24 192 --a------ C:\Program Files\tmp5852812.exe
2008-04-01 23:21 . 2008-04-01 23:21 204 --a------ C:\Program Files\tmp5694281.exe
2008-04-01 23:20 . 2008-04-01 23:20 16,452 --a------ C:\Program Files\tmp5607546.exe
2008-04-01 21:49 . 2008-04-01 21:49 16,572 --a------ C:\Program Files\tmp161156.exe
2008-04-01 21:49 . 2008-04-01 21:49 16,520 --a------ C:\Program Files\tmp160796.exe
2008-04-01 21:49 . 2008-04-01 21:49 16,472 --a------ C:\Program Files\tmp160468.exe
2008-04-01 21:49 . 2008-04-01 21:49 16,464 --a------ C:\Program Files\tmp161515.exe
2008-04-01 02:29 . 2008-04-01 02:29 204 --a------ C:\Program Files\tmp19071359.exe
2008-04-01 02:27 . 2008-04-01 02:27 204 --a------ C:\Program Files\tmp18938015.exe
2008-04-01 02:26 . 2008-04-01 02:26 192 --a------ C:\Program Files\tmp18881625.exe
2008-04-01 02:24 . 2008-04-01 02:24 192 --a------ C:\Program Files\tmp18746218.exe
2008-04-01 02:23 . 2008-04-01 02:23 192 --a------ C:\Program Files\tmp18670921.exe
2008-04-01 02:19 . 2008-04-01 02:19 192 --a------ C:\Program Files\tmp18465625.exe
2008-04-01 02:17 . 2008-04-01 02:17 192 --a------ C:\Program Files\tmp18345437.exe
2008-04-01 00:51 . 2008-04-01 00:51 192 --a------ C:\Program Files\tmp13183343.exe
2008-04-01 00:48 . 2008-04-01 00:48 192 --a------ C:\Program Files\tmp12988734.exe
2008-04-01 00:38 . 2008-04-01 00:38 16,504 --a------ C:\Program Files\tmp12413234.exe
2008-04-01 00:36 . 2008-04-01 00:36 192 --a------ C:\Program Files\tmp12245671.exe
2008-04-01 00:31 . 2008-04-01 00:31 192 --a------ C:\Program Files\tmp11982265.exe
2008-04-01 00:24 . 2008-04-01 00:24 192 --a------ C:\Program Files\tmp11564484.exe
2008-04-01 00:22 . 2008-04-01 00:22 192 --a------ C:\Program Files\tmp11424078.exe
2008-04-01 00:18 . 2008-04-01 00:18 192 --a------ C:\Program Files\tmp11178734.exe
2008-04-01 00:17 . 2008-04-01 00:17 192 --a------ C:\Program Files\tmp11098343.exe
2008-03-31 22:51 . 2008-03-31 22:51 192 --a------ C:\Program Files\tmp5938078.exe
2008-03-31 22:47 . 2008-03-31 22:47 16,504 --a------ C:\Program Files\tmp5729312.exe
2008-03-31 22:14 . 2008-03-31 22:14 16,504 --a------ C:\Program Files\tmp3730078.exe
2008-03-31 21:44 . 2008-03-31 21:44 192 --a------ C:\Program Files\tmp1924484.exe
2008-03-31 21:19 . 2008-03-31 21:19 139,830 --a------ C:\Program Files\tmp435296.exe
2008-03-31 21:18 . 2008-03-31 21:18 16,504 --a------ C:\Program Files\tmp360312.exe
2008-03-31 21:15 . 2008-03-31 21:15 16,632 --a------ C:\Program Files\tmp147609.exe
2008-03-31 21:15 . 2008-03-31 21:15 16,616 --a------ C:\Program Files\tmp140703.exe
2008-03-31 21:15 . 2008-03-31 21:15 16,504 --a------ C:\Program Files\tmp148812.exe
2008-03-31 07:26 . 2008-03-31 07:26 204 --a------ C:\Program Files\tmp41101125.exe
2008-03-31 04:46 . 2008-03-31 04:46 204 --a------ C:\Program Files\tmp31502296.exe
2008-03-31 03:01 . 2008-03-31 03:01 204 --a------ C:\Program Files\tmp25208859.exe
2008-03-31 02:31 . 2008-03-31 02:31 16,524 --a------ C:\Program Files\tmp23420484.exe
2008-03-31 00:55 . 2008-03-31 00:55 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-03-31 00:55 . 2008-03-31 00:55 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-03-31 00:54 . 2008-03-31 02:55 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-03-31 00:54 . 2008-03-31 00:55 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-03-31 00:30 . 2008-03-31 00:30 204 --a------ C:\Program Files\tmp16162093.exe
2008-03-30 20:05 . 2008-03-30 20:05 204 --a------ C:\Program Files\tmp161453.exe
2008-03-30 09:04 . 2008-03-30 09:04 16,580 --a------ C:\Program Files\tmp313718.exe
2008-03-29 22:47 . 2008-03-29 22:47 204 --a------ C:\Program Files\tmp45342156.exe
2008-03-29 22:47 . 2008-03-29 22:47 204 --a------ C:\Program Files\tmp45342140.exe
2008-03-29 22:46 . 2008-03-29 22:47 204 --a------ C:\Program Files\tmp45332765.exe
2008-03-29 21:47 . 2008-03-29 21:47 204 --a------ C:\Program Files\tmp41749546.exe
2008-03-29 18:57 . 2008-03-29 18:57 204 --a------ C:\Program Files\tmp31578781.exe
2008-03-29 15:34 . 2008-03-29 15:34 204 --a------ C:\Program Files\tmp19426812.exe
2008-03-29 15:34 . 2008-03-29 15:34 204 --a------ C:\Program Files\tmp19426406.exe
2008-03-29 13:33 . 2008-03-29 13:33 204 --a------ C:\Program Files\tmp12145500.exe
2008-03-29 13:33 . 2008-03-29 13:33 204 --a------ C:\Program Files\tmp12110218.exe
2008-03-29 13:31 . 2008-03-29 13:31 204 --a------ C:\Program Files\tmp12039718.exe
2008-03-29 11:58 . 2008-03-29 11:58 204 --a------ C:\Program Files\tmp6434843.exe
2008-03-29 11:57 . 2008-03-29 11:57 204 --a------ C:\Program Files\tmp6384000.exe
2008-03-29 11:57 . 2008-03-29 11:57 204 --a------ C:\Program Files\tmp6374984.exe
2008-03-29 11:57 . 2008-03-29 11:57 204 --a------ C:\Program Files\tmp6366812.exe
2008-03-29 10:01 . 2008-03-29 10:01 204 --a------ C:\Program Files\tmp2037296.exe
2008-03-29 10:00 . 2008-03-29 10:00 16,652 --a------ C:\Program Files\tmp2002156.exe
2008-03-29 10:00 . 2008-03-29 10:00 16,480 --a------ C:\Program Files\tmp2002187.exe
2008-03-27 14:51 . 2008-03-27 14:51 16,548 --a------ C:\Program Files\tmp756234.exe
2008-03-27 14:51 . 2008-03-27 14:51 16,496 --a------ C:\Program Files\tmp756250.exe
2008-03-27 09:22 . 2008-03-30 23:04 <DIR> d-------- C:\Program Files\iSecurity
2008-03-27 09:21 . 2008-03-27 09:21 16,564 --a------ C:\Program Files\tmp275390.exe
2008-03-27 09:21 . 2008-03-27 09:21 16,504 --a------ C:\Program Files\tmp275328.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-02 17:18 126,088 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2008-04-02 17:18 126,088 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
2008-04-02 17:18 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2008-04-02 17:18 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
2008-04-02 17:18 --------- d-----w C:\Documents and Settings\User\Application Data\OpenOffice.org2
2008-03-31 01:43 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-31 01:42 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-03-31 01:34 --------- d-----w C:\Program Files\Lexmark X1100 Series
2008-03-31 01:32 --------- d-----w C:\Program Files\Google
2008-03-25 21:22 --------- d-----w C:\Program Files\Microsoft Home Publishing 2000
2008-03-24 21:53 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-21 23:09 --------- d-----w C:\Documents and Settings\User\Application Data\uTorrent
2008-03-20 16:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-18 09:07 5 ----a-w C:\Program Files\udefender_setup.exe
2008-03-15 20:10 --------- d-----w C:\Program Files\Windows Live
2008-03-15 20:02 --------- d-----w C:\Program Files\MumbleJumble
2008-03-11 07:08 --------- d-----w C:\Program Files\IncrediGames
2008-03-03 12:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-03 12:44 --------- d-----w C:\Documents and Settings\User\Application Data\Lavasoft
2008-03-01 11:24 16,652 ----a-w C:\Program Files\tmp62530468.exe
2008-03-01 11:24 16,652 ----a-w C:\Program Files\tmp62526906.exe
2008-03-01 11:24 16,604 ----a-w C:\Program Files\tmp62528625.exe
2008-03-01 11:24 16,464 ----a-w C:\Program Files\tmp62527125.exe
2008-03-01 11:24 16,436 ----a-w C:\Program Files\tmp62526890.exe
2008-03-01 11:24 13,504 ----a-w C:\Program Files\tmp62534984.exe
2008-02-29 18:05 16,496 ----a-w C:\Program Files\tmp158156.exe
2008-02-29 18:05 16,464 ----a-w C:\Program Files\tmp158140.exe
2008-02-29 18:05 13,536 ----a-w C:\Program Files\tmp159750.exe
2008-02-29 18:05 13,496 ----a-w C:\Program Files\tmp159765.exe
2008-02-29 18:05 13,468 ----a-w C:\Program Files\tmp160671.exe
2008-02-29 18:05 13,416 ----a-w C:\Program Files\tmp159843.exe
2008-02-29 18:00 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-29 18:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-29 18:00 --------- d-----w C:\Documents and Settings\User\Application Data\eBookPro6
2008-02-29 10:57 --------- d-----w C:\Program Files\MSN Messenger
2008-02-29 00:22 307 ----a-w C:\Program Files\tmp460849718.exe
2008-02-28 15:46 307 ----a-w C:\Program Files\tmp429863390.exe
2008-02-28 15:46 16,552 ----a-w C:\Program Files\tmp429856500.exe
2008-02-28 15:46 13,524 ----a-w C:\Program Files\tmp429860140.exe
2008-02-26 23:58 --------- d-----w C:\Program Files\Betfair
2008-02-26 23:58 --------- d-----w C:\Documents and Settings\User\Application Data\Betfair
2008-02-23 20:53 --------- d-----w C:\Program Files\Personalised Poems 2006
2008-02-23 13:12 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-23 13:10 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-02-23 12:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-22 13:28 --------- d-----w C:\Program Files\Alternative Software Ltd
2008-02-12 17:43 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-04 19:00 --------- d-----w C:\Program Files\QuickTime
2008-01-24 17:51 115,256 -c--a-w C:\Documents and Settings\NIAMH\Application Data\GDIPFONTCACHEV1.DAT
2007-12-08 22:53 115,256 -c--a-w C:\Documents and Settings\User\Application Data\GDIPFONTCACHEV1.DAT
.

<pre>
-c--a-w 461,624 2004-08-29 11:12:20 C:\Documents and Settings\User\My Documents\BUBBLESNBITS\bath .exe
-c--a-w 461,624 2004-08-29 11:12:20 C:\Documents and Settings\User\My Documents\Certificates\BUBBLESNBITS\bath .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8311E8F-E459-4D22-89B4-CB9DCF10A425}]
C:\WINDOWS\system32\ISECUR~1.CPL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-20 15:39 68856]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-04-14 17:56 1957888]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 14:43 7630848]
"nwiz"="nwiz.exe" [2006-08-11 14:43 1519616 C:\WINDOWS\system32\nwiz.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 20:42 32768]
"adiras"="adiras.exe" []
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 15:43 57344]
"WinPatrol"="c:\HIJACK~1\winpatrol.exe" [ ]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-04-18 13:50 180269]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27 222208]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 14:43 86016]
"Adobe Reader Speed Launcher"="D:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"cbj"="C:\Program Files\cjb\cjb.exe" [2008-03-06 13:38 9216]
"iSecurity applet"="iSecurity.cpl" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 18:15 1634304]

C:\Documents and Settings\User\Start Menu\Programs\Startup\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2005-09-23 14:36:42 61440]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-01-12 21:40:51 962660]
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2006-10-19 12:38:58 57344]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Microsoft Works Calendar Reminders.lnk - C:\WINDOWS\Installer\{F128BA10-362E-11D3-81AB-00C04FB932BA}\4EBD23F5.exe [2006-01-13 22:19:30 29184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"iSecurity"= {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - C:\WINDOWS\system32\ISECUR~1.CPL [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78eca999]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\utorrent\\utorrent.exe"=
"D:\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"D:\\Company of Heroes\\RelicCOH.exe"=

R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-05-11 10:33]
R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 10:33]
R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-05-11 10:33]
R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 12:39]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-05-11 10:33]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\Drivers\ShlDrv51.sys [2007-05-23 15:40]
R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 10:33]
R1 SSHDRV60;SSHDRV60;C:\WINDOWS\system32\drivers\SSHDRV60.sys [2006-02-26 00:10]
R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 10:33]
R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\drivers\cpoint.sys [2007-06-08 09:44]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 13:49]
R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
R3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys [2008-04-02 18:18]
R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-24 16:43]
R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
S1 kbd;kbd;C:\WINDOWS\system32\drivers\kbd.sys [2008-03-19 00:04]
S2 78eca999;Microsoft DDE+ server;C:\WINDOWS\system32\.78eca999\78eca999.exe [2008-04-02 09:27]
S2 ptssvc;ptssvc;C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe []
S3 PCD60X2;PCD60X2;C:\DOCUME~1\User\LOCALS~1\Temp\PCD60X2.sys [2006-06-27 14:51]
S3 PCD60X3;PCD60X3;C:\DOCUME~1\User\LOCALS~1\Temp\PCD60X3.sys [2006-06-27 14:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{170772f5-7f6f-11da-8d91-806d6172696f}]
\Shell\AutoRun\command - D:\ASUSACPI.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-03-29 00:00:00 C:\WINDOWS\Tasks\Basic clean-up.job"
- C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PlaTasks.exe
"2008-03-29 00:00:00 C:\WINDOWS\Tasks\Basic clean-up1.job"
- C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PlaTasks.exe

ANDKAT
2008-04-02, 19:44
2nd part of log files


.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-02 18:17:54
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
D:\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\ApvxdWin.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavBckPT.exe
.
**************************************************************************
.
Completion time: 2008-04-02 18:24:04 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-02 17:23:58
Pre-Run: 25,122,754,560 bytes free
Post-Run: 25,067,692,032 bytes free
.
2008-03-15 23:51:04 --- E O F ---


HJT log


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:29:06, on 02/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
D:\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\ApvxdWin.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\cjb\cjb.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavBckPT.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
D:\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/radio2/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.TISCALI.CO.UK
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - C:\WINDOWS\system32\ISECUR~1.CPL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [WinPatrol] c:\HIJACK~1\winpatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [cbj] C:\Program Files\cjb\cjb.exe
O4 - HKLM\..\Run: [iSecurity applet] rundll32.exe iSecurity.cpl,SecurityMonitor
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Registration The Settlers II - 10th Anniversary.LNK = D:\Ubisoft\Funatics\The Settlers II - 10th Anniversary\bin\RegistrationReminder.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk/
O16 - DPF: LotusMenu - https://scouts.org.uk/wps/menu/menudisp.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/UK/install.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146580906515
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.com/hostedimages/activex/xupload/XUpload.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O21 - SSODL: VolumePrx - {71888d39-e4f7-472f-a181-7947bd43fada} - (no file)
O21 - SSODL: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - C:\WINDOWS\system32\ISECUR~1.CPL (file missing)
O23 - Service: Microsoft DDE+ server (78eca999) - Unknown owner - C:\WINDOWS\system32\.78eca999\78eca999.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
O23 - Service: ptssvc - Unknown owner - C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe

--
End of file - 12018 bytes

Shaba
2008-04-02, 19:56
Hi

Open notepad and copy/paste the text in the quotebox below into it:


File::
C:\Program Files\tmp53343343.exe
C:\Program Files\tmp41946265.exe
C:\Program Files\tmp41823890.exe
C:\Program Files\tmp41669906.exe
C:\Program Files\tmp41300843.exe
C:\Program Files\tmp41164781.exe
C:\Program Files\tmp40954656.exe
C:\Program Files\tmp40945312.exe
C:\Program Files\tmp40496812.exe
C:\Program Files\tmp40211328.exe
C:\Program Files\tmp40087390.exe
C:\Program Files\tmp40034796.exe
C:\Program Files\tmp39847406.exe
C:\Program Files\tmp33720281.exe
C:\Program Files\tmp33588203.exe
C:\Program Files\tmp33488859.exe
C:\Program Files\tmp33476703.exe
C:\Program Files\tmp33466531.exe
C:\Program Files\tmp33457218.exe
C:\Program Files\tmp33448218.exe
C:\Program Files\tmp33327843.exe
C:\Program Files\tmp33108937.exe
C:\Program Files\tmp33049093.exe
C:\Program Files\tmp32824593.exe
C:\Program Files\tmp32682250.exe
C:\Program Files\tmp6327234.exe
C:\Program Files\tmp6316828.exe
C:\Program Files\tmp6222421.exe
C:\Program Files\tmp6212546.exe
C:\Program Files\tmp6203343.exe
C:\Program Files\tmp6194015.exe
C:\Program Files\tmp6184031.exe
C:\Program Files\tmp6174468.exe
C:\Program Files\tmp6005171.exe
C:\Program Files\tmp5852812.exe
C:\Program Files\tmp5694281.exe
C:\Program Files\tmp5607546.exe
C:\Program Files\tmp161156.exe
C:\Program Files\tmp160796.exe
C:\Program Files\tmp160468.exe
C:\Program Files\tmp161515.exe
C:\Program Files\tmp19071359.exe
C:\Program Files\tmp18938015.exe
C:\Program Files\tmp18881625.exe
C:\Program Files\tmp18746218.exe
C:\Program Files\tmp18670921.exe
C:\Program Files\tmp18465625.exe
C:\Program Files\tmp18345437.exe
C:\Program Files\tmp13183343.exe
C:\Program Files\tmp12988734.exe
C:\Program Files\tmp12413234.exe
C:\Program Files\tmp12245671.exe
C:\Program Files\tmp11982265.exe
C:\Program Files\tmp11564484.exe
C:\Program Files\tmp11424078.exe
C:\Program Files\tmp11178734.exe
C:\Program Files\tmp11098343.exe
C:\Program Files\tmp5938078.exe
C:\Program Files\tmp5729312.exe
C:\Program Files\tmp3730078.exe
C:\Program Files\tmp1924484.exe
C:\Program Files\tmp435296.exe
C:\Program Files\tmp360312.exe
C:\Program Files\tmp147609.exe
C:\Program Files\tmp140703.exe
C:\Program Files\tmp148812.exe
C:\Program Files\tmp41101125.exe
C:\Program Files\tmp31502296.exe
C:\Program Files\tmp25208859.exe
C:\Program Files\tmp23420484.exe
C:\Program Files\tmp16162093.exe
C:\Program Files\tmp161453.exe
C:\Program Files\tmp313718.exe
C:\Program Files\tmp45342156.exe
C:\Program Files\tmp45342140.exe
C:\Program Files\tmp45332765.exe
C:\Program Files\tmp41749546.exe
C:\Program Files\tmp31578781.exe
C:\Program Files\tmp19426812.exe
C:\Program Files\tmp19426406.exe
C:\Program Files\tmp12145500.exe
C:\Program Files\tmp12110218.exe
C:\Program Files\tmp12039718.exe
C:\Program Files\tmp6434843.exe
C:\Program Files\tmp6384000.exe
C:\Program Files\tmp6374984.exe
C:\Program Files\tmp6366812.exe
C:\Program Files\tmp2037296.exe
C:\Program Files\tmp2002156.exe
C:\Program Files\tmp2002187.exe
C:\Program Files\tmp756234.exe
C:\Program Files\tmp756250.exe
C:\Program Files\tmp275390.exe
C:\Program Files\tmp62530468.exe
C:\Program Files\tmp62526906.exe
C:\Program Files\tmp62528625.exe
C:\Program Files\tmp62527125.exe
C:\Program Files\tmp62526890.exe
C:\Program Files\tmp62534984.exe
C:\Program Files\tmp158156.exe
C:\Program Files\tmp158140.exe
C:\Program Files\tmp159750.exe
C:\Program Files\tmp159765.exe
C:\Program Files\tmp160671.exe
C:\Program Files\tmp159843.exe
C:\Program Files\tmp460849718.exe
C:\Program Files\tmp429863390.exe
C:\Program Files\tmp429856500.exe
C:\Program Files\tmp429860140.exe
C:\Documents and Settings\User\My Documents\BUBBLESNBITS\bath .exe
C:\Documents and Settings\User\My Documents\Certificates\BUBBLESNBITS\bath .exe

Folder::
C:\Program Files\iSecurity
C:\WINDOWS\system32\.78eca999

Driver::
78eca999

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8311E8F-E459-4D22-89B4-CB9DCF10A425}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cbj"=-
"iSecurity applet"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"iSecurity"=-

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78eca999]


Save this as "CFScript"

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

http://users.pandora.be/bluepatchy/miekiemoes/images/CFScript.gif

This will start ComboFix again. After the reboot (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

ComboFix should never take more than 20 minutes, including the reboot if malware is detected.
If it does, open Task Manager and then the Processes tab (press Ctrl, Alt and Del at the same time) and end any processes of findstr, find, sed or swreg; ComboFix should then continue.
If that happened, we want to know, and also which process you had to end.

ANDKAT
2008-04-02, 20:47
Hi Shaba,
Thanks for such a quick reply. The two logs are below.
I can no longer access the internet at all from my pc now, so this is all being done via the laptop.

ComboFix log


ComboFix 08-04-01.2 - User 2008-04-02 19:17:48.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.566 [GMT 1:00]
Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe
Command switches used :: G:\BUGS\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\Documents and Settings\User\My Documents\BUBBLESNBITS\bath .exe
C:\Documents and Settings\User\My Documents\Certificates\BUBBLESNBITS\bath .exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\User\My Documents\BUBBLESNBITS\bath .exe
C:\Documents and Settings\User\My Documents\Certificates\BUBBLESNBITS\bath .exe
C:\Program Files\iSecurity
C:\Program Files\iSecurity\iSecurity.dat
C:\Program Files\iSecurity\syscleaner.bmp
C:\Program Files\iSecurity\syscleanerinstalled.bmp
C:\Program Files\iSecurity\systemdefender.bmp
C:\Program Files\iSecurity\systemdefenderinstalled.bmp
C:\Program Files\iSecurity\winifixer.bmp
C:\Program Files\iSecurity\winifixerinstalled.bmp
C:\WINDOWS\system32\.78eca999
C:\WINDOWS\system32\.78eca999\78eca999.Aff.config
C:\WINDOWS\system32\.78eca999\78eca999.BR.config
C:\WINDOWS\system32\.78eca999\78eca999.core.dll
C:\WINDOWS\system32\.78eca999\78eca999.exe
C:\WINDOWS\system32\.78eca999\78eca999.GR.config
C:\WINDOWS\system32\.78eca999\78eca999.Rdr.config
C:\WINDOWS\system32\.78eca999\78eca999.ServerPlugin.config

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_78ECA999
-------\Service_78eca999


((((((((((((((((((((((((( Files Created from 2008-03-02 to 2008-04-02 )))))))))))))))))))))))))))))))
.

2008-03-31 00:55 . 2008-03-31 00:55 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-03-31 00:55 . 2008-03-31 00:55 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-03-31 00:54 . 2008-03-31 02:55 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-03-31 00:54 . 2008-03-31 00:55 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-03-27 09:21 . 2008-03-27 09:21 16,504 --a------ C:\Program Files\tmp275328.exe
2008-03-27 09:21 . 2008-03-27 09:21 16,488 --a------ C:\Program Files\tmp275484.exe
2008-03-27 09:21 . 2008-03-27 09:21 16,484 --a------ C:\Program Files\tmp275468.exe
2008-03-26 19:24 . 2008-03-26 19:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-25 21:14 . 2008-03-25 21:15 <DIR> d-------- C:\WINDOWS\Cache
2008-03-25 21:09 . 2008-03-25 21:09 <DIR> d-------- C:\Program Files\SlimBrowser
2008-03-25 21:09 . 2008-03-25 22:02 <DIR> d-------- C:\Documents and Settings\User\Application Data\SlimBrowser
2008-03-25 20:32 . 2008-03-25 21:16 48 --a------ C:\WINDOWS\cgminivw.ini
2008-03-25 20:29 . 2008-03-25 21:12 61 --a------ C:\WINDOWS\Tiny_Run.ini
2008-03-25 08:37 . 2008-03-25 08:37 12,288 --a------ C:\Program Files\tmp39673625.exe
2008-03-25 08:28 . 2008-03-25 08:28 35,644 --a------ C:\Program Files\tmp39155140.exe
2008-03-25 08:27 . 2008-03-25 08:27 13,536 --a------ C:\Program Files\tmp39072500.exe
2008-03-25 08:25 . 2008-03-25 08:25 16,596 --a------ C:\Program Files\tmp38959218.exe
2008-03-24 23:43 . 2008-03-24 23:43 12,288 --a------ C:\Program Files\tmp7648500.exe
2008-03-24 23:14 . 2008-03-24 23:14 35,540 --a------ C:\Program Files\tmp5892296.exe
2008-03-24 23:12 . 2008-03-24 23:12 16,568 --a------ C:\Program Files\tmp5804515.exe
2008-03-24 23:12 . 2008-03-24 23:12 16,552 --a------ C:\Program Files\tmp5803546.exe
2008-03-24 23:12 . 2008-03-24 23:12 13,576 --a------ C:\Program Files\tmp5809437.exe
2008-03-23 22:48 . 2008-03-23 22:48 13,504 --a------ C:\Program Files\tmp35484109.exe
2008-03-23 22:31 . 2008-03-23 22:31 16,484 --a------ C:\Program Files\tmp34435156.exe
2008-03-23 12:54 . 2008-04-02 18:35 13,880 --a------ C:\WINDOWS\system32\drivers\COMFiltr.sys
2008-03-22 21:36 . 2008-03-22 21:36 16,636 --a------ C:\Program Files\tmp14769812.exe
2008-03-22 21:36 . 2008-03-22 21:36 16,528 --a------ C:\Program Files\tmp14769125.exe
2008-03-22 21:36 . 2008-03-22 21:36 16,516 --a------ C:\Program Files\tmp14769109.exe
2008-03-22 21:36 . 2008-03-22 21:36 13,576 --a------ C:\Program Files\tmp14770031.exe
2008-03-22 21:36 . 2008-03-22 21:36 13,440 --a------ C:\Program Files\tmp14770046.exe
2008-03-22 21:36 . 2008-03-22 21:36 13,420 --a------ C:\Program Files\tmp14770015.exe
2008-03-22 14:48 . 2008-03-22 14:48 16,456 --a------ C:\Program Files\tmp127234.exe
2008-03-22 14:48 . 2008-03-22 14:48 13,480 --a------ C:\Program Files\tmp127250.exe
2008-03-21 21:03 . 2008-03-21 21:03 16,568 --a------ C:\Program Files\tmp191171.exe
2008-03-21 21:03 . 2008-03-21 21:03 16,556 --a------ C:\Program Files\tmp192359.exe
2008-03-21 21:03 . 2008-03-21 21:03 16,460 --a------ C:\Program Files\tmp191125.exe
2008-03-21 21:03 . 2008-03-21 21:03 13,496 --a------ C:\Program Files\tmp191187.exe
2008-03-20 22:26 . 2008-03-20 22:26 16,576 --a------ C:\Program Files\tmp15921593.exe
2008-03-20 22:26 . 2008-03-20 22:26 16,460 --a------ C:\Program Files\tmp15922937.exe
2008-03-20 22:26 . 2008-03-20 22:26 13,472 --a------ C:\Program Files\tmp15923015.exe
2008-03-20 22:26 . 2008-03-20 22:26 13,428 --a------ C:\Program Files\tmp15923953.exe
2008-03-20 11:30 . 2008-03-20 11:17 691,545 --a------ C:\WINDOWS\unins000.exe
2008-03-20 11:30 . 2008-03-20 11:30 2,542 --a------ C:\WINDOWS\unins000.dat
2008-03-20 11:15 . 2008-03-20 11:15 12,288 --a------ C:\Program Files\tmp126628906.exe
2008-03-20 11:14 . 2008-03-20 11:14 35,588 --a------ C:\Program Files\tmp126567562.exe
2008-03-20 11:12 . 2008-03-20 11:12 13,456 --a------ C:\Program Files\tmp126451828.exe
2008-03-20 11:08 . 2008-03-20 11:08 16,468 --a------ C:\Program Files\tmp126253781.exe
2008-03-20 09:27 . 2008-03-20 09:27 16,604 --a------ C:\Program Files\tmp120187062.exe
2008-03-20 09:27 . 2008-03-20 09:27 16,516 --a------ C:\Program Files\tmp120187546.exe
2008-03-20 09:27 . 2008-03-20 09:27 16,488 --a------ C:\Program Files\tmp120187218.exe
2008-03-20 09:27 . 2008-03-20 09:27 13,424 --a------ C:\Program Files\tmp120188218.exe
2008-03-20 09:27 . 2008-03-20 09:27 13,376 --a------ C:\Program Files\tmp120187328.exe
2008-03-19 06:37 . 2008-03-19 06:37 16,600 --a------ C:\Program Files\tmp23538375.exe
2008-03-19 06:37 . 2008-03-19 06:37 13,368 --a------ C:\Program Files\tmp23538531.exe
2008-03-19 06:36 . 2008-03-19 06:36 16,648 --a------ C:\Program Files\tmp23537578.exe
2008-03-19 06:36 . 2008-03-19 06:36 16,588 --a------ C:\Program Files\tmp23537796.exe
2008-03-19 06:36 . 2008-03-19 06:36 16,468 --a------ C:\Program Files\tmp23537656.exe
2008-03-19 06:36 . 2008-03-19 06:36 13,416 --a------ C:\Program Files\tmp23537843.exe
2008-03-19 00:04 . 2008-03-19 00:04 47,872 --a------ C:\WINDOWS\system32\drivers\kbd.sys
2008-03-18 10:02 . 2008-03-18 10:02 13,500 --a------ C:\Program Files\tmp3753843.exe
2008-03-18 07:51 . 2008-03-18 07:51 16,516 --a------ C:\Program Files\tmp87393843.exe
2008-03-18 00:47 . 2008-03-18 00:47 13,424 --a------ C:\Program Files\tmp61959625.exe
2008-03-18 00:45 . 2008-03-18 00:45 16,656 --a------ C:\Program Files\tmp61871906.exe
2008-03-18 00:45 . 2008-03-18 00:45 16,592 --a------ C:\Program Files\tmp61872015.exe
2008-03-17 07:40 . 2008-03-17 07:40 16,556 --a------ C:\Program Files\tmp383328.exe
2008-03-16 23:42 . 2008-03-16 23:42 35,784 --a------ C:\Program Files\tmp505718.exe
2008-03-16 23:42 . 2008-03-16 23:42 35,688 --a------ C:\Program Files\tmp506703.exe
2008-03-16 23:42 . 2008-03-16 23:42 16,656 --a------ C:\Program Files\tmp504890.exe
2008-03-16 23:42 . 2008-03-16 23:42 16,496 --a------ C:\Program Files\tmp504468.exe
2008-03-16 23:42 . 2008-03-16 23:42 13,532 --a------ C:\Program Files\tmp506328.exe
2008-03-16 23:42 . 2008-03-16 23:42 13,520 --a------ C:\Program Files\tmp505218.exe
2008-03-16 23:42 . 2008-03-16 23:42 13,500 --a------ C:\Program Files\tmp505546.exe
2008-03-16 23:42 . 2008-03-16 23:42 13,412 --a------ C:\Program Files\tmp505578.exe
2008-03-16 23:42 . 2008-03-16 23:42 12,288 --a------ C:\Program Files\tmp513921.exe
2008-03-16 21:45 . 2008-03-16 21:45 13,496 --a------ C:\Program Files\tmp42647609.exe
2008-03-16 21:41 . 2008-03-16 21:41 16,460 --a------ C:\Program Files\tmp42397453.exe
2008-03-16 09:57 . 2008-03-16 09:57 16,584 --a------ C:\Program Files\tmp178718.exe
2008-03-16 09:57 . 2008-03-16 09:57 16,512 --a------ C:\Program Files\tmp178796.exe
2008-03-16 09:57 . 2008-03-16 09:57 16,504 --a------ C:\Program Files\tmp178562.exe
2008-03-16 09:57 . 2008-03-16 09:57 13,500 --a------ C:\Program Files\tmp178734.exe
2008-03-09 08:56 . 2008-03-09 08:57 <DIR> d-------- C:\Program Files\Panda Security
2008-03-06 16:47 . 2008-03-06 16:47 13,412 --a------ C:\Program Files\tmp25469859.exe
2008-03-06 16:47 . 2008-03-06 16:47 13,412 --a------ C:\Program Files\tmp25469828.exe
2008-03-06 16:47 . 2008-03-06 16:47 13,412 --a------ C:\Program Files\tmp25466578.exe
2008-03-06 16:47 . 2008-03-06 16:47 13,376 --a------ C:\Program Files\tmp25466593.exe
2008-03-06 13:38 . 2008-03-31 02:29 <DIR> d-------- C:\Program Files\cjb
2008-03-06 13:38 . 2008-03-06 13:38 9,216 --a------ C:\Program Files\tmp14118750.exe
2008-03-06 00:50 . 2008-03-06 00:50 11,776 --a------ C:\Program Files\tmp4049593.exe
2008-03-06 00:47 . 2008-03-06 00:47 35,660 --a------ C:\Program Files\tmp3862734.exe
2008-03-06 00:47 . 2008-03-06 00:47 16,620 --a------ C:\Program Files\tmp3861703.exe
2008-03-06 00:47 . 2008-03-06 00:47 16,580 --a------ C:\Program Files\tmp3860718.exe
2008-03-06 00:47 . 2008-03-06 00:47 16,560 --a------ C:\Program Files\tmp3861718.exe
2008-03-06 00:47 . 2008-03-06 00:47 16,548 --a------ C:\Program Files\tmp3861656.exe
2008-03-06 00:47 . 2008-03-06 00:47 13,544 --a------ C:\Program Files\tmp3861781.exe
2008-03-05 23:08 . 2008-03-05 23:08 13,536 --a------ C:\Program Files\tmp136038421.exe
2008-03-05 21:09 . 2008-03-05 21:09 16,500 --a------ C:\Program Files\tmp128911109.exe
2008-03-05 13:53 . 2008-03-31 19:17 <DIR> d-------- C:\Program Files\IE Extensions
2008-03-05 09:29 . 2008-03-05 09:29 16,440 --a------ C:\Program Files\tmp86903921.exe
2008-03-04 22:20 . 2008-03-04 22:20 13,516 --a------ C:\Program Files\tmp46776640.exe
2008-03-04 21:10 . 2008-03-04 21:10 13,364 --a------ C:\Program Files\tmp42581484.exe

ANDKAT
2008-04-02, 20:49
Part 2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-02 18:25 126,088 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2008-04-02 18:25 126,088 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
2008-04-02 18:25 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2008-04-02 18:25 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
2008-04-02 18:01 --------- d-----w C:\Documents and Settings\User\Application Data\OpenOffice.org2
2008-03-31 01:43 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-31 01:42 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-03-31 01:34 --------- d-----w C:\Program Files\Lexmark X1100 Series
2008-03-31 01:32 --------- d-----w C:\Program Files\Google
2008-03-25 21:22 --------- d-----w C:\Program Files\Microsoft Home Publishing 2000
2008-03-24 21:53 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-21 23:09 --------- d-----w C:\Documents and Settings\User\Application Data\uTorrent
2008-03-20 16:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-18 09:07 5 ----a-w C:\Program Files\udefender_setup.exe
2008-03-15 20:10 --------- d-----w C:\Program Files\Windows Live
2008-03-15 20:02 --------- d-----w C:\Program Files\MumbleJumble
2008-03-11 07:08 --------- d-----w C:\Program Files\IncrediGames
2008-03-03 12:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-03 12:44 --------- d-----w C:\Documents and Settings\User\Application Data\Lavasoft
2008-02-29 18:00 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-29 18:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-29 18:00 --------- d-----w C:\Documents and Settings\User\Application Data\eBookPro6
2008-02-29 10:57 --------- d-----w C:\Program Files\MSN Messenger
2008-02-26 23:58 --------- d-----w C:\Program Files\Betfair
2008-02-26 23:58 --------- d-----w C:\Documents and Settings\User\Application Data\Betfair
2008-02-23 20:53 --------- d-----w C:\Program Files\Personalised Poems 2006
2008-02-23 13:12 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-23 13:10 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-02-23 12:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-22 13:28 --------- d-----w C:\Program Files\Alternative Software Ltd
2008-02-12 17:43 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-04 19:00 --------- d-----w C:\Program Files\QuickTime
2008-01-24 17:51 115,256 -c--a-w C:\Documents and Settings\NIAMH\Application Data\GDIPFONTCACHEV1.DAT
2007-12-08 22:53 115,256 -c--a-w C:\Documents and Settings\User\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8311E8F-E459-4D22-89B4-CB9DCF10A425}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-20 15:39 68856]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-04-14 17:56 1957888]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05 204288]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 14:43 7630848]
"nwiz"="nwiz.exe" [2006-08-11 14:43 1519616 C:\WINDOWS\system32\nwiz.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 20:42 32768]
"adiras"="adiras.exe" []
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 15:43 57344]
"WinPatrol"="c:\HIJACK~1\winpatrol.exe" [ ]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-04-18 13:50 180269]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27 222208]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 14:43 86016]
"Adobe Reader Speed Launcher"="D:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 18:15 1634304]

C:\Documents and Settings\User\Start Menu\Programs\Startup\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2005-09-23 14:36:42 61440]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-01-12 21:40:51 962660]
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2006-10-19 12:38:58 57344]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Microsoft Works Calendar Reminders.lnk - C:\WINDOWS\Installer\{F128BA10-362E-11D3-81AB-00C04FB932BA}\4EBD23F5.exe [2006-01-13 22:19:30 29184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78eca999]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\utorrent\\utorrent.exe"=
"D:\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"D:\\Company of Heroes\\RelicCOH.exe"=

R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-05-11 10:33]
R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 10:33]
R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-05-11 10:33]
R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 12:39]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-05-11 10:33]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\Drivers\ShlDrv51.sys [2007-05-23 15:40]
R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 10:33]
R1 SSHDRV60;SSHDRV60;C:\WINDOWS\system32\drivers\SSHDRV60.sys [2006-02-26 00:10]
R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 10:33]
R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\drivers\cpoint.sys [2007-06-08 09:44]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 13:49]
R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-24 16:43]
R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
S1 kbd;kbd;C:\WINDOWS\system32\drivers\kbd.sys [2008-03-19 00:04]
S2 ptssvc;ptssvc;C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe []
S3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys [2008-04-02 18:35]
S3 PCD60X2;PCD60X2;C:\DOCUME~1\User\LOCALS~1\Temp\PCD60X2.sys []
S3 PCD60X3;PCD60X3;C:\DOCUME~1\User\LOCALS~1\Temp\PCD60X3.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{170772f5-7f6f-11da-8d91-806d6172696f}]
\Shell\AutoRun\command - D:\ASUSACPI.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-03-29 00:00:00 C:\WINDOWS\Tasks\Basic clean-up.job"
- C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PlaTasks.exe
"2008-03-29 00:00:00 C:\WINDOWS\Tasks\Basic clean-up1.job"
- C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PlaTasks.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-02 19:31:20
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
D:\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
.
**************************************************************************
.
Completion time: 2008-04-02 19:36:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-02 18:36:54
ComboFix2.txt 2008-04-02 17:24:06
Pre-Run: 25,750,315,008 bytes free
Post-Run: 25,739,014,144 bytes free
.
2008-03-15 23:51:04 --- E O F ---


HJT Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:59, on 02/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
D:\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
D:\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/radio2/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.TISCALI.CO.UK
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [WinPatrol] c:\HIJACK~1\winpatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Registration The Settlers II - 10th Anniversary.LNK = D:\Ubisoft\Funatics\The Settlers II - 10th Anniversary\bin\RegistrationReminder.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
--
End of file - 11417 bytes

ANDKAT
2008-04-02, 20:50
Part 3

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk/
O16 - DPF: LotusMenu - https://scouts.org.uk/wps/menu/menudisp.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/UK/install.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146580906515
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.com/hostedimages/activex/xupload/XUpload.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O21 - SSODL: VolumePrx - {71888d39-e4f7-472f-a181-7947bd43fada} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
O23 - Service: ptssvc - Unknown owner - C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe

ANDKAT
2008-04-02, 20:54
Hi Shaba,
one thing I forgot to write was that every time combofix starts to work, Panda, my antivirus, says it has stopped a dangerous operation.
Do I need to turn Panda off?
Sorry, getting a bit panicky now that I've lost my internet.
Regards
Andy

Shaba
2008-04-03, 10:07
Hi

Try to reboot computer; it should fix internet connection.

If not, see here (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

Yes, turning Panda off while combofix runs is a good idea.

ANDKAT
2008-04-04, 21:50
HI Again Shaba

Everything seemed to go wrong yesterday and in the end I did a system restore so I could get my internet bank on.
Now strangely enough everything seems to be working fine.
I've run a spybot and adaware check and both have come up clean BUT THE KASPERSKY appears to have found some. I have included a HJT log and Kaspersky log for you to check.
I am away all next week so I won't be able to respond until Sunday 13th.
Thanking you in advance


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:30:09, on 04/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
D:\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\cjb\cjb.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavBckPT.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PAVJOBS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Outlook Express\msimn.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/radio2/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.orange.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.TISCALI.CO.UK
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - C:\WINDOWS\system32\ISECUR~1.CPL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [WinPatrol] c:\HIJACK~1\winpatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [cbj] C:\Program Files\cjb\cjb.exe
O4 - HKLM\..\Run: [explorer] C:\Program Files\tmp126628906.exe
O4 - HKLM\..\Run: [iSecurity applet] rundll32.exe iSecurity.cpl,SecurityMonitor
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Registration The Settlers II - 10th Anniversary.LNK = D:\Ubisoft\Funatics\The Settlers II - 10th Anniversary\bin\RegistrationReminder.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk/
O16 - DPF: LotusMenu - https://scouts.org.uk/wps/menu/menudisp.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/UK/install.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146580906515
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.com/hostedimages/activex/xupload/XUpload.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - AppInit_DLLs: iSecurity.cpl
O21 - SSODL: VolumePrx - {71888d39-e4f7-472f-a181-7947bd43fada} - C:\WINDOWS\Installer\{71888d39-e4f7-472f-a181-7947bd43fada}\VolumePrx.dll
O21 - SSODL: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - C:\WINDOWS\system32\ISECUR~1.CPL (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda platinum 2006 internet security\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
O23 - Service: ptssvc - Unknown owner - C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe

--
End of file - 12484 bytes

ANDKAT
2008-04-05, 08:56
KASPERSKY JUST THE END BIT AS THE FILE IS HUGE


ANDKAT
2008-04-05, 08:59
PART 2

C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP887\A0520501.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP887\A0520514.exe Infected: Trojan-Downloader.Win32.Small.iuq skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524066.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524067.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524068.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524069.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524080.exe Infected: not-a-virus:Downloader.Win32.UltimateFix.h skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524084.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524090.exe Infected: Trojan-Dropper.Win32.Agent.fwi skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524091.exe Infected: Trojan-Dropper.Win32.Agent.fwi skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524107.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524108.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524109.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524110.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524111.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524113.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524114.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524115.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524116.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524117.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524118.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524119.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524120.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524210.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524211.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524214.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524215.exe Infected: Trojan-Dropper.Win32.Agent.ftv skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524225.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524226.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524233.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524234.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524235.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524305.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524306.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524307.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524308.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524309.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524310.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524311.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524312.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524313.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524314.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524315.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524316.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524317.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524318.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524319.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524320.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524321.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524322.exe Infected: Trojan-Dropper.Win32.Agent.ftu skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP889\A0524335.exe Infected: Trojan-Downloader.Win32.Small.iuq skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP900\A0527364.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP900\A0528346.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0529347.dll Infected: Trojan-Clicker.Win32.Agent.xs skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0529348.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0529349.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0529350.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0529351.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0530369.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0530370.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0530371.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0530372.exe Infected: Trojan-Downloader.Win32.BHO.ea skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP902\A0530390.dll Infected: Trojan-Clicker.Win32.Agent.xs skipped

ANDKAT
2008-04-05, 09:00
part 3


ANDKAT
2008-04-05, 09:01
part 4

C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP920\A0555536.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP920\A0555537.exe Infected: Trojan-Downloader.Win32.Small.ivo skipped
C:\System Volume Information\_restore{D0284593-10A5-4720-A87A-F926EB7908BD}\RP921\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Installer\{71888d39-e4f7-472f-a181-7947bd43fada}\VolumePrx.dll Infected: Trojan-Dropper.Win32.Agent.eya skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_30c.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\CLIPART DOWNLOADS\Extras.zip/Extras/AUCTION FLASH INTROS/2cellphone.zip/CELLPHONE 1/1111Javagamesappnokia/1111JAVAgamesappsnokia.zip/1111JAVAgamesapps nokia/ActiveViewer/vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\CLIPART DOWNLOADS\Extras.zip/Extras/AUCTION FLASH INTROS/2cellphone.zip/CELLPHONE 1/1111Javagamesappnokia/1111JAVAgamesappsnokia.zip/1111JAVAgamesapps nokia/ActiveViewer/vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\CLIPART DOWNLOADS\Extras.zip/Extras/AUCTION FLASH INTROS/2cellphone.zip/CELLPHONE 1/1111Javagamesappnokia/1111JAVAgamesappsnokia.zip/1111JAVAgamesapps nokia/ActiveViewer/vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe/data0004 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\CLIPART DOWNLOADS\Extras.zip/Extras/AUCTION FLASH INTROS/2cellphone.zip/CELLPHONE 1/1111Javagamesappnokia/1111JAVAgamesappsnokia.zip/1111JAVAgamesapps nokia/ActiveViewer/vnc-3.3.7-x86_win32.zip/vnc-3.3.7-x86_win32.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\CLIPART DOWNLOADS\Extras.zip/Extras/AUCTION FLASH INTROS/2cellphone.zip/CELLPHONE 1/1111Javagamesappnokia/1111JAVAgamesappsnokia.zip/1111JAVAgamesapps nokia/ActiveViewer/vnc-3.3.7-x86_win32.zip Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\CLIPART DOWNLOADS\Extras.zip/Extras/AUCTION FLASH INTROS/2cellphone.zip/CELLPHONE 1/1111Javagamesappnokia/1111JAVAgamesappsnokia.zip Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\CLIPART DOWNLOADS\Extras.zip/Extras/AUCTION FLASH INTROS/2cellphone.zip Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.c skipped
D:\CLIPART DOWNLOADS\Extras.zip ZIP: infected - 7 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.

Shaba
2008-04-05, 11:06
Hi

Yes, and because of System Restore everything is back :sad:

You are far from clean.

If you are away until the 13th, it might be better to post a fresh HijackThis log, Kaspersky report and ComboFix report when you come back.

But if you are present meanwhile, let me know and I'll give you the next instructions :)

Shaba
2008-04-20, 15:55
Andkat?

Shaba
2008-04-25, 12:33
Due to the lack of feedback this Topic is closed.

If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send a private message (PM). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.