Okay, I got virused. I keep my task manager up at all times, so when my processor spike at 100% I knew right away. finding a process called hldrrr.exe, I killed it, only to have it come up again when I tried to launch IE, each and every time. Finding it in my windows/drivers directory, I deleted it, and it hasn't returned. I also found another file with the same iconography as it did (a round red cross over white) I deleted that as well, but have since forgotten the file name. I thought to run a av scan, and that's when I noticed that I didn't have tray icons for EITHER Norton AV, or AVG. I was able to launch the AVG test-center and start a scan, but my system then crashed and relaunched, and from that point on ANY av software I try to runs tells me that it's not a valid win32 app. This includes spybot s&d, avg, norton, windows defender, you name it. IE will NOT connect to any webpage, even if I run network diagnostics and it reports no problems, and I want to view the details, it takes several minutes for IE to open THAT page, and it's not even over the internet. I DO still have internet access, as you can see, but only by using firefox. I did see a thread about trying to remove hldrrr.exe, and downloaded icesword to try it. Since the reboot, I don't get an error about invalid win32 apps for it, but it won't run, either. What happens is the explorer window I open to get to icesword just locks up, as soon as I try and launch the app. with that locked up, I can't do much of anything, until I reboot. I truly hope someone can help me, this is the only system I have left since my laptop gave up on me.

Hi

Your description matches with Bagle worm.


This allows hackers to remotely control your computer, steal critical system information and Download and Execute files

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the Trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? (http://www.dslreports.com/faq/10451)
When Should I Format, How Should I Reinstall (http://www.dslreports.com/faq/10063)

However, if you do not have the resources to reinstall your computer and would like me to attempt to clean it, I will be happy to do so.
Should you have any questions, please feel free to ask.

Please let us know what you have decided to do in your next post.

Thank you. If I absolutely have to, I do have the resources to reformat and reinstall. Problem is, I don't have the resources to back any of the data up from the c: drive that would be lost by such a drastic measure. I'm reasonably certain I stopped the actions of that virus before it did more than destroy my AV suites, and I have an external firewall that is quite secure, and it is NOT compromised, at all. In the past, I would be able to dismount the c: drive, put it in a caddy and use my laptop to scan for viruses and clean it, but my laptop will not take power anymore, and I haven't figured that one out. So, that option is not longer available. If you will help me clean this system, then that is the route I'd prefer to go. I'm reasonably tech savvy, though not a virus expert by any means. I'll do what you say, step-by-step.

Thanks

Hi

Ok.

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)

http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_FF.gif


http://i266.photobucket.com/albums/ii277/sUBs_/combofix/CF_download_rename.gif
--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the C:\ComboFix.txt along with a HijackThis log (you probably need to download that again) so we can continue cleaning the system.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

Okay, that's done, here are the logs

Combofix:
ComboFix 08-05-15.3 - Rick Hawn 2008-05-19 2:31:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.471 [GMT -4:00]
Running from: C:\Documents and Settings\Rick Hawn\Desktop\Combo-Fix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Rick Hawn\Application Data\m
C:\Documents and Settings\Rick Hawn\Application Data\m\shared
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\.NET_Dashboard_Suite_3.0_[Key].zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\1 Cool Button Tool - Flash 5.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\7-Zip_Portable_4.42.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\A-Flow_3.5.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\ABC_Amber_BlackBerry_Editor_1.03.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Accessory Media Viewer 3.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\ActiveBypass_2.5.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Add Context Menu 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Advanced FTP and Download Helper 2.2.0.2.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Advanced_Email_Protector_1.0_[Crack].zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Aglare_AVI_MP4_3GP_iPod_MPEG_WMV_MOV_DVD_Converter_1.0_(Crack).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\AK-Isolator 1.2.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Alion_1.0_(KeyGen).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\All_To_MP3_Converter_2.0_(Crack).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Anonymous_Surfing_2.0.4_Crack.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Antivirus.NOD32.2.51.20.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Application_Warp_Memory_Manager_v4.6_[Crack].zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Assam-Calcu_2.4.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Atlanta Traffic Cam Viewer 1.6.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Audio Editor Express 4.0 KeyGen.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\AutoLyrics 0.1.2b.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\AV Voice Changer Software 6.0.10 (Crack).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Better_FileMaker_Developer_Feb_2003_Issue_4.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Bitmap_Font_Edit_1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Business_Plan_eGuides_2.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Cavity Crusade 1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\CBackup Lite 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Citroen Sports Screensaver 9.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Cleanerzoomer_3.64.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Command & Conquer Generals - Tournament Oasis map.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\ContactsCollector_1.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\damFormMemory 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\DeafSpot_Google_Toolbar_4.5.8.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Dhey Huntin 8 1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\DiffUnlock 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Digital_Indicator_.NET_component_1.009.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Disk_benchmark_2006_1.0.2.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Dorgem 2.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Dreamscape_Analysis_2.0.1d.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\DzSoft PHP Editor 4.1.1.2.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Easy_E-Mail_Notify_5.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Easy_Photo_Editor_1.9.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\EGO_3.6_KeyGen.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\emboot_MBA_on_Disk_for_VM_1.5.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Fantasize Soundfont Player VSTi 2.3.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\FastReport Studio 4.5.9.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\FileClone_1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Flash_Horizontal_Menu_Wizard_2.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Flower_Lines_1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\FolderToDrive 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Ford Model T Screensaver 1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\FreeVoice 1.2 Beta.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\GMail_Bookmark_1.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\GSA_Image_Spider_2.45_Patch.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Halloween Firefox theme 2.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Home_Organizer_Deluxe_2.3.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Hunter HTML Optimizer 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\idManage 4.4.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\iFlysoft Flash Converter 1.2.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Image_miner_1.30.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\ImageSafety_1.0_(Patch).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Instant Video Autorun 1.74.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Instrumentation .Net Package 1.000.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\ITWorkTimer_1.1_(Serial).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Java Modelling Tools 0.7.3.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\JavaScript_Dissolving_PopMenu_1.0_Key+Serial.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\JimPack 2.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\kCharge_2.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Kernel_Paradox_4.03.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\KnowItAll_2.0.632.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Length Optimizer Multiple List Version 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\LibMaster.com ActiveStockChart 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\LingvoSoft_Dictionary_2007_German_-_Italian_4.0.22.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\LingvoSoft_Picture_Dictionary_2007_English_-_Estonian_1.1.17.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\LopeEdit Pro 5.4.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Magic 3GP Video Converter 8.0.1.16.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\MapCreator_Free_Edition_1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Memory Monitor 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\MIE55SpeedUp_1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Mineral_Miner_1.01.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\mnoGoSearch_Lite_3.2.42.1_Cracked.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Morovia Code 128 Barcode Fontware 1.0 [Crack].zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\MorphBuster_7.5.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Mucha Art Nouveau 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Multi-Replace 2.2.5.0 [Key].zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\myCalendar 2.3.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\NBC Today Show 7.08.27.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\NET_Video_Spy_2.0_(With_Crack).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\New Utilities 2.5.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Nexeye_Monitoring_Enterprise_1.2.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Omar Sharif Bridge II 1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Online_Store_Kit_3.0_Lite_3.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\PageFour_1.61_(KeyGen).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\PC Digital Safe 2.50i.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\PL.Ewido.Anti-Spyware.v.4.0.0.172.+.serial.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\PowerSearch_2.2.1_With_Crack.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\RBTray 3.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\SafeSurfer Popup Ad Killer 1.8.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Saint_Paint_Studio_12.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\ScanWiz_1.1_(Cracked).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\SIMPLEX 1.7.2.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Skorbord 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Skype Toolbar for Internet Explorer 2.1.0.12.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Smart_Pc_Keylogger_3.2.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\SMSLibX_1.9.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\SpaceGuard SRM 6.0 Build 1113.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Spectrino_for_R_1.5.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Speech_Timer_1.0_With_Crack.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\StarCraft_patch_1.13.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Sysutil Wakeup 1.01.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Tadpole 0.5.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\The Sorting Machine 1.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\The_Sims_-_Celtics_T-Shirt_skin.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Twin Folders 3.0 (Key).zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Unit_Player_1.06.344.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Unreal_Tournament_2004_ONS_Jungle_Redux_Map.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Vigenère Cipher 2.0.2.3.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Vinny_Federal_Income_Tax_2004_Feb_7.2005.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\WinProxy Secure Suite 6.1.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\X-Treme Media Finder 2.0.1.1.0.4.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\Zee-Troll 2.0.zip
C:\Documents and Settings\Rick Hawn\Application Data\m\shared\ZipRecovery_1.5.zip
C:\WINDOWS\Downloaded Program Files\ODCTOOLS
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\14868046.exe
C:\WINDOWS\system32\drivers\downld\14892906.exe
C:\WINDOWS\system32\drivers\downld\21116750.exe
C:\WINDOWS\system32\drivers\downld\21148765.exe
C:\WINDOWS\system32\drivers\downld\21303890.exe
C:\WINDOWS\system32\drivers\downld\22455546.exe
C:\WINDOWS\system32\drivers\downld\22476796.exe
C:\WINDOWS\system32\drivers\downld\22535406.exe
C:\WINDOWS\system32\drivers\downld\22542859.exe
C:\WINDOWS\system32\drivers\downld\22554609.exe
C:\WINDOWS\system32\drivers\downld\22562578.exe
C:\WINDOWS\system32\drivers\downld\22585078.exe
C:\WINDOWS\system32\drivers\downld\22637250.exe
C:\WINDOWS\system32\drivers\downld\22646890.exe
C:\WINDOWS\system32\drivers\downld\22656875.exe
C:\WINDOWS\system32\drivers\downld\22672375.exe
C:\WINDOWS\system32\drivers\downld\22695218.exe
C:\WINDOWS\system32\drivers\downld\22752437.exe
C:\WINDOWS\system32\drivers\downld\22979921.exe
C:\WINDOWS\system32\drivers\downld\23072484.exe
C:\WINDOWS\system32\drivers\downld\23169812.exe
C:\WINDOWS\system32\drivers\downld\23203015.exe
C:\WINDOWS\system32\drivers\downld\239953.exe
C:\WINDOWS\system32\drivers\downld\26234109.exe
C:\WINDOWS\system32\drivers\downld\26324406.exe
C:\WINDOWS\system32\drivers\downld\26372578.exe
C:\WINDOWS\system32\drivers\downld\26422421.exe
C:\WINDOWS\system32\drivers\downld\26568718.exe
C:\WINDOWS\system32\drivers\downld\28023265.exe
C:\WINDOWS\system32\drivers\downld\304156.exe
C:\WINDOWS\system32\drivers\downld\32171500.exe
C:\WINDOWS\system32\drivers\downld\32212015.exe
C:\WINDOWS\system32\drivers\downld\32363312.exe
C:\WINDOWS\system32\drivers\downld\32487906.exe
C:\WINDOWS\system32\drivers\downld\32513875.exe
C:\WINDOWS\system32\drivers\downld\33041390.exe
C:\WINDOWS\system32\drivers\downld\333796.exe
C:\WINDOWS\system32\drivers\downld\34536140.exe
C:\WINDOWS\system32\drivers\downld\345625.exe
C:\WINDOWS\system32\drivers\downld\35229593.exe
C:\WINDOWS\system32\drivers\downld\361609.exe
C:\WINDOWS\system32\drivers\downld\454546.exe
C:\WINDOWS\system32\drivers\downld\463953.exe
C:\WINDOWS\system32\drivers\downld\471562.exe
C:\WINDOWS\system32\drivers\downld\489984.exe
C:\WINDOWS\system32\drivers\downld\630515.exe
C:\WINDOWS\system32\drivers\downld\645703.exe
C:\WINDOWS\system32\drivers\downld\678156.exe
C:\WINDOWS\system32\drivers\downld\845562.exe
C:\WINDOWS\system32\drivers\downld\908265.exe
C:\WINDOWS\system32\drivers\downld\923171.exe
C:\WINDOWS\system32\drivers\downld\931562.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
G:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((( Files Created from 2008-04-19 to 2008-05-19 )))))))))))))))))))))))))))))))
.

2008-05-18 23:50 . 2008-05-18 23:50 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-18 20:25 . 2008-05-18 20:25 <DIR> d-------- C:\Program Files\Siber Systems
2008-05-18 20:25 . 2008-05-18 20:25 <DIR> d-------- C:\Documents and Settings\Rick Hawn\Application Data\GoodSync
2008-05-18 18:30 . 2008-05-18 18:31 12,584 --a------ C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate
2008-05-18 16:31 . 2008-05-18 17:45 <DIR> d-------- C:\!KillBox
2008-05-18 16:10 . 2008-05-18 16:10 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-05-18 16:10 . 2008-05-18 16:10 <DIR> d-------- C:\Documents and Settings\Rick Hawn\Application Data\PC Tools
2008-05-18 16:10 . 2007-12-10 13:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-05-18 16:10 . 2007-12-10 13:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-05-18 16:10 . 2008-02-01 11:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-05-18 16:10 . 2007-12-10 13:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-05-18 14:44 . 2008-05-18 14:44 <DIR> d-------- C:\Diamond
2008-05-18 14:26 . 2008-05-18 14:26 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-05-18 14:25 . 2008-05-18 14:25 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-05-18 14:25 . 2008-05-18 14:25 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-05-18 14:25 . 2008-05-18 14:25 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-05-18 14:25 . 2008-05-18 14:25 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-05-18 14:25 . 2008-05-18 14:25 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-05-18 14:11 . 2006-02-28 08:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-05-18 14:11 . 2006-02-28 08:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-05-18 10:00 . 2008-05-18 16:19 1,073,303,552 --a------ C:\WINDOWS\MEMORY.DMP
2008-05-18 05:51 . 2008-05-18 05:52 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-18 05:51 . 2008-05-18 05:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-18 04:42 . 2008-05-18 04:42 <DIR> d-------- C:\Documents and Settings\Rick Hawn\Application Data\IMBT
2008-05-18 04:41 . 2008-05-18 04:41 <DIR> d-------- C:\Program Files\IMBT
2008-05-16 00:26 . 2008-05-16 00:26 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-05-16 00:21 . 2008-04-13 22:06 144,384 --a------ C:\WINDOWS\system32\drivers\hdaudbus.sys
2008-05-16 00:19 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\000001_.tmp
2008-05-07 20:04 . 2008-05-07 20:04 <DIR> d-------- C:\Program Files\TiVo
2008-05-07 20:04 . 2008-05-07 20:04 <DIR> d-------- C:\Program Files\Common Files\TiVo Shared
2008-05-07 20:04 . 2008-05-07 20:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TiVo
2008-05-07 20:03 . 2008-05-07 20:05 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-06 15:02 . 2008-05-06 15:02 <DIR> d-------- C:\Program Files\SSSleeper
2008-04-27 21:12 . 2008-04-27 21:13 <DIR> d-------- C:\Program Files\Virtual Earth 3D
2008-04-24 07:11 . 2008-04-24 07:11 <DIR> d-------- C:\Program Files\MSECache
2008-04-21 23:50 . 2008-04-21 23:50 <DIR> d-------- C:\Program Files\Apple Software Update

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-19 07:01 --------- d-----w C:\Program Files\BOINC
2008-05-19 06:19 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\uTorrent
2008-05-18 22:49 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-05-18 22:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-18 09:19 --------- d-----w C:\Program Files\eMule
2008-05-18 09:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-05-18 08:44 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\AVG7
2008-05-14 05:34 --------- d-----w C:\Program Files\iPod2PC
2008-05-12 18:46 --------- d-----w C:\Program Files\Norton SystemWorks
2008-05-11 02:33 --------- d-----w C:\Program Files\Free Easy Burner
2008-05-06 01:13 --------- d-----w C:\Program Files\Unlocker
2008-05-04 09:19 --------- d-----w C:\Program Files\uTorrent
2008-04-20 00:04 --------- d-----w C:\Program Files\DivX
2008-04-14 09:41 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll
2008-04-14 04:10 10,240 ----a-w C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-04-13 05:49 --------- d-----w C:\Program Files\IrfanView
2008-04-08 17:29 --------- d-----w C:\Program Files\BitComet
2008-04-08 11:00 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\Apple Computer
2008-04-05 11:06 --------- d-----w C:\Program Files\PowerISO
2008-04-05 10:22 --------- d-----w C:\Program Files\AmoK Burning
2008-04-05 10:03 --------- d-----w C:\Program Files\Plucker
2008-04-05 09:34 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\FinalBurner DATA
2008-04-05 09:26 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\FinalBurner Video DVD
2008-04-05 09:23 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\DeepBurner
2008-04-05 09:22 --------- d-----w C:\Program Files\Astonsoft
2008-04-04 12:05 --------- d-----w C:\Program Files\iTunes
2008-04-04 12:04 --------- d-----w C:\Program Files\iPod
2008-04-04 12:02 --------- d-----w C:\Program Files\QuickTime
2008-04-02 07:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-23 04:08 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\dvdcss
2008-03-20 15:50 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\Tunebite
2008-03-20 15:47 --------- d-----w C:\Documents and Settings\Rick Hawn\Application Data\RTPlayer
2008-03-19 01:20 --------- d-----w C:\Program Files\Java
2008-03-08 20:49 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-03-08 20:49 249,856 ----a-w C:\WINDOWS\Setup1.exe
.

<pre>
----a-w 566,385 2007-04-26 08:27:17 C:\Documents and Settings\Rick Hawn\My Documents\My Received Files\TiVo Desktop\setup .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 05:42 1695232]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2005-04-24 02:03 643072]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 08:00 15360]
"EPSON Stylus CX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.exe" [2005-02-08 05:00 98304]
"TivoTransfer"="C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" [2008-04-04 10:54 1193984]
"TivoNotify"="C:\Program Files\TiVo\Desktop\TiVoNotify.exe" [2008-04-04 10:54 394240]
"TivoServer"="C:\Program Files\TiVo\Desktop\TiVoServer.exe" [2008-04-04 10:56 1879552]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-05-18 05:51 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"="sstray.exe" [2003-12-17 06:53 73728 C:\WINDOWS\system32\sstray.exe]
"Cmaudio"="cmicnfg.cpl" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 20:20 866584]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-05-19 02:44 58728]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-12-17 09:12 100056]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 15:53 169264]
"AtomTime"="C:\Program Files\AtomTime Pro\AtomTime.EXE" [2004-12-03 12:04 396316]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-05 20:26 185896]
"EPSON Stylus CX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.exe" [2005-02-08 05:00 98304]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"Itiva Media Accelerator"="C:\Program Files\Itiva\Itiva Media Accelerator\ItivaMediaAccelerator.exe" [2008-03-25 13:55 4912368]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-05-19 02:45 579584]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-02-24 08:32 86016]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2006-02-28 08:00 143360]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-03-14 19:50 233472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-05-19 02:23 219136]

C:\Documents and Settings\Rick Hawn\Start Menu\Programs\Startup\
BOINC Manager.lnk - C:\Program Files\BOINC\boincmgr.exe [2007-11-13 14:44:44 4141056]
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [2008-01-08 07:47:01 557568]
SSSleeper.lnk - C:\Program Files\SSSleeper\SSSleeper.exe [2000-01-25 22:21:38 73728]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 16:40:46 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\javaw.exe"=
"C:\\Program Files\\Itiva\\Itiva Media Accelerator\\ItivaMediaAccelerator.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10779:TCP"= 10779:TCP:BitComet 10779 TCP
"10779:UDP"= 10779:UDP:BitComet 10779 UDP
"7987:TCP"= 7987:TCP:BitComet 7987 TCP
"7987:UDP"= 7987:UDP:BitComet 7987 UDP
"4673:TCP"= 4673:TCP:BitComet 4673 TCP(ED2K)
"4673:UDP"= 4673:UDP:BitComet 4673 UDP(ED2K)
"23608:TCP"= 23608:TCP:BitComet 23608 TCP
"23608:UDP"= 23608:UDP:BitComet 23608 UDP
"11609:TCP"= 11609:TCP:BitComet 11609 TCP(ED2K)
"11609:UDP"= 11609:UDP:BitComet 11609 UDP(ED2K)
"13213:TCP"= 13213:TCP:BitComet 13213 TCP
"13213:UDP"= 13213:UDP:BitComet 13213 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"9136:TCP"= 9136:TCP:BitComet 9136 TCP
"9136:UDP"= 9136:UDP:BitComet 9136 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 Maxtor Sync Service;Maxtor Service;"C:\Program Files\Maxtor\Sync\SyncServices.exe" [2007-09-28 13:24]
R2 TivoBeacon2;TiVo Beacon;"C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe" /service []
S3 SetupNTGLM7X;SetupNTGLM7X;F:\NTGLM7X.sys []

*Newly Created Service* - BITS

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}]
C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-05-13 21:37:15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-19 05:32:24 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-05-12 18:46:48 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"
- C:\Program Files\Norton SystemWorks\OBC.exe
"2008-05-19 04:00:06 C:\WINDOWS\Tasks\Symantec Drmc.job"
- C:\Program Files\Common Files\Symantec Shared\SymDrmc.exe
"2008-05-19 07:00:16 C:\WINDOWS\Tasks\{D1694CC6-99AD-4EA1-8E89-01EACA9DDB7C}_JINDAI_Rick Hawn.job"
- C:\WINDOWS\system32\mobsync.exeE /Schedule=
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-19 03:03:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\SSSleeper\SSSleeperDLL.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.exe
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\searchindexer.exe
C:\Program Files\BOINC\boinc.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\searchprotocolhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R3_4.26_windows_intelx86.exe
C:\WINDOWS\system32\searchfilterhost.exe
.
**************************************************************************
.
Completion time: 2008-05-19 3:12:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-19 07:12:38

Pre-Run: 3,587,674,112 bytes free
Post-Run: 3,755,016,192 bytes free

428 --- E O F --- 2008-05-16 05:35:21

Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:16:16 AM, on 5/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\sstray.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\SAgent4.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AtomTime Pro\AtomTime.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE
C:\Program Files\Itiva\Itiva Media Accelerator\ItivaMediaAccelerator.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Program Files\TiVo\Desktop\TiVoNotify.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\SSSleeper\SSSleeper.exe
C:\Program Files\BOINC\boinc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TiVo\Desktop\TiVoServer.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R3_4.26_windows_intelx86.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [AtomTime] "C:\Program Files\AtomTime Pro\AtomTime.EXE"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Itiva Media Accelerator] C:\Program Files\Itiva\Itiva Media Accelerator\ItivaMediaAccelerator.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /M "Stylus CX3800" /EF "HKCU"
O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: SSSleeper.lnk = C:\Program Files\SSSleeper\SSSleeper.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197886558656
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe

--
End of file - 10478 bytes

Ish, I hope you can get all this.

Hi

Please run an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/virusscanner). You will be prompted to install an ActiveX component from Kaspersky, click Yes.
The program will launch and start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now click on Scan Settings and select the following:
Scan using the following Anti-Virus database:
Extended (If available, otherwise Standard)
Scan Options:
Scan Archives
Scan Mail Bases
Click OK.
Under
select a target to scan
, select My Computer.
The scan will take a while so be patient and let it run. As it scans your machine very deeply it could take hours to complete, Kaspersky suggests running it during a time of low activity.Once the scan is complete:
Click on the Save as Text button.
Save the file to your desktop.
Copy and paste that information into your next post if the AV content will fit into one post only.
If the results of the anti virus scan itself will take more than one post to contain, you may upload it to http://rapidshare.com


Note for Internet Explorer 7 users: If at any time you have trouble with the Accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.

If having a problme doing the above

Make sure that your Internet security settings are set to default values.

To set default security settings for Internet Explorer:

* Open Internet Explorer.
* Go to the Tools menu, then choose Internet Options.
* Click on the Security tab.
* Make sure that all four item (Internet, Local intranet, Trusted sites, and Restricted sites) are set to their default settings.

Okay, ran it twice :oops: (An error caused it to navigate away from the scan when it was 90% complete, so had to rerun it. *Sigh* But here are the results:

Tuesday, May 20, 2008 1:58:24 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 19/05/2008
Kaspersky Anti-Virus database records: 785800
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
Scan Statistics
Total number of scanned objects 175234
Number of viruses found 17
Number of infected objects 329
Number of suspicious objects 0
Duration of the scan process 10:49:21

Infected Object Name Virus Name Last Action
C:\!KillBox\flec006.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\!KillBox\flec006.exe( 1) Infected: Email-Worm.Win32.Bagle.of skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.12.Crwl Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.12.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.ci Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wsb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010025.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010026.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010027.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002D.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001003C.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001003E.wid Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy136.gthr Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf3.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_810.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-05-19_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Desktop Search\Logs\UNCFATPHLog.txt Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\TiVo Desktop\Logs\TiVoBeacon.log Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\cert8.db Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\history.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\key3.db Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\parent.lock Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\contactgroup256.dbb Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\dyncontent\bundle.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\index2.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\profile16384.dbb Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\profile256.dbb Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\user1024.dbb Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\user16384.dbb Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\user256.dbb Object is locked skipped
C:\Documents and Settings\Rick Hawn\Application Data\Skype\jindaihideo\user4096.dbb Object is locked skipped
C:\Documents and Settings\Rick Hawn\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Itiva\Itiva Media Accelerator\QNode.log Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Microsoft\Desktop Search\Logs\OTFSMonLog.txt Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\Mozilla\Firefox\Profiles\9hgeircn.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\TiVo Desktop\Logs\DownloadManager.log Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\TiVo Desktop\Logs\TiVoNotify.log Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\TiVo Desktop\Logs\TiVoServer.log Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\TiVo Desktop\Logs\TiVoTransfer.log Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Application Data\TiVo Desktop\Logs\Transcode.log Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Temp\Perflib_Perfdata_d2c.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Temp\~DF18BA.tmp Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Temp\~DF60A8.tmp Object is locked skipped
C:\Documents and Settings\Rick Hawn\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Rick Hawn\My Documents\Angel files.xls Object is locked skipped
C:\Documents and Settings\Rick Hawn\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Rick Hawn\ntuser.dat.LOG Object is locked skipped
C:\Program Files\AtomTime Pro\atomtime.log Object is locked skipped
C:\Program Files\BOINC\slots\2\boinc_lockfile Object is locked skipped
C:\Program Files\BOINC\slots\2\stderr.txt Object is locked skipped
C:\Program Files\BOINC\stderrdae.txt Object is locked skipped
C:\Program Files\BOINC\stderrgui.txt Object is locked skipped
C:\Program Files\BOINC\stdoutdae.txt Object is locked skipped
C:\Program Files\BOINC\stdoutgui.txt Object is locked skipped
C:\Program Files\BOINC\time_stats_log Object is locked skipped
C:\Program Files\eMule\Incoming\Images\Stuff\Rar Password Cracker v4.11 - Keygen.zip/rpc.exe Infected: not-a-virus:PSWTool.Win32.RARPassCrack.a skipped
C:\Program Files\eMule\Incoming\Images\Stuff\Rar Password Cracker v4.11 - Keygen.zip ZIP: infected - 1 skipped
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0A36046B.exe/data0002 Infected: not-a-virus:AdWare.Win32.Comet.ac skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0A36046B.exe NSIS: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0A36046B.exe CryptFF: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\.NET_Dashboard_Suite_3.0_[Key].zip.vir/.NET_Dashboard_Suite_3.0_[Key].exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\.NET_Dashboard_Suite_3.0_[Key].zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\1 Cool Button Tool - Flash 5.0.zip.vir/1 Cool Button Tool - Flash 5.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\1 Cool Button Tool - Flash 5.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\7-Zip_Portable_4.42.zip.vir/7-Zip_Portable_4.42.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\7-Zip_Portable_4.42.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\A-Flow_3.5.zip.vir/A-Flow_3.5.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\A-Flow_3.5.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ABC_Amber_BlackBerry_Editor_1.03.zip.vir/ABC_Amber_BlackBerry_Editor_1.03.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ABC_Amber_BlackBerry_Editor_1.03.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Accessory Media Viewer 3.0.zip.vir/Accessory Media Viewer 3.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Accessory Media Viewer 3.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ActiveBypass_2.5.zip.vir/ActiveBypass_2.5.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ActiveBypass_2.5.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Add Context Menu 1.0.zip.vir/Add Context Menu 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Add Context Menu 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Advanced FTP and Download Helper 2.2.0.2.zip.vir/Advanced FTP and Download Helper 2.2.0.2.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Advanced FTP and Download Helper 2.2.0.2.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Advanced_Email_Protector_1.0_[Crack].zip.vir/Advanced_Email_Protector_1.0_[Crack].exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Advanced_Email_Protector_1.0_[Crack].zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Aglare_AVI_MP4_3GP_iPod_MPEG_WMV_MOV_DVD_Converter_1.0_(Crack).zip.vir/Aglare_AVI_MP4_3GP_iPod_MPEG_WMV_MOV_DVD_Converter_1.0_(Crack).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Aglare_AVI_MP4_3GP_iPod_MPEG_WMV_MOV_DVD_Converter_1.0_(Crack).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\AK-Isolator 1.2.zip.vir/AK-Isolator 1.2.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\AK-Isolator 1.2.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Alion_1.0_(KeyGen).zip.vir/Alion_1.0_(KeyGen).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Alion_1.0_(KeyGen).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\All_To_MP3_Converter_2.0_(Crack).zip.vir/All_To_MP3_Converter_2.0_(Crack).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\All_To_MP3_Converter_2.0_(Crack).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Anonymous_Surfing_2.0.4_Crack.zip.vir/Anonymous_Surfing_2.0.4_Crack.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Anonymous_Surfing_2.0.4_Crack.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Antivirus.NOD32.2.51.20.zip.vir/Antivirus.NOD32.2.51.20.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Antivirus.NOD32.2.51.20.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Application_Warp_Memory_Manager_v4.6_[Crack].zip.vir/Application_Warp_Memory_Manager_v4.6_[Crack].exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Application_Warp_Memory_Manager_v4.6_[Crack].zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Assam-Calcu_2.4.zip.vir/Assam-Calcu_2.4.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Assam-Calcu_2.4.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Atlanta Traffic Cam Viewer 1.6.zip.vir/Atlanta Traffic Cam Viewer 1.6.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Atlanta Traffic Cam Viewer 1.6.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Audio Editor Express 4.0 KeyGen.zip.vir/Audio Editor Express 4.0 KeyGen.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Audio Editor Express 4.0 KeyGen.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\AutoLyrics 0.1.2b.zip.vir/AutoLyrics 0.1.2b.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\AutoLyrics 0.1.2b.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\AV Voice Changer Software 6.0.10 (Crack).zip.vir/AV Voice Changer Software 6.0.10 (Crack).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\AV Voice Changer Software 6.0.10 (Crack).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Better_FileMaker_Developer_Feb_2003_Issue_4.0.zip.vir/Better_FileMaker_Developer_Feb_2003_Issue_4.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Better_FileMaker_Developer_Feb_2003_Issue_4.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Bitmap_Font_Edit_1.0.zip.vir/Bitmap_Font_Edit_1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Bitmap_Font_Edit_1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Business_Plan_eGuides_2.0.zip.vir/Business_Plan_eGuides_2.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Business_Plan_eGuides_2.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Cavity Crusade 1.zip.vir/Cavity Crusade 1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Cavity Crusade 1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\CBackup Lite 1.0.zip.vir/CBackup Lite 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\CBackup Lite 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Citroen Sports Screensaver 9.zip.vir/Citroen Sports Screensaver 9.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Citroen Sports Screensaver 9.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Cleanerzoomer_3.64.zip.vir/Cleanerzoomer_3.64.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Cleanerzoomer_3.64.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Command & Conquer Generals - Tournament Oasis map.zip.vir/Command & Conquer Generals - Tournament Oasis map.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Command & Conquer Generals - Tournament Oasis map.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ContactsCollector_1.1.zip.vir/ContactsCollector_1.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ContactsCollector_1.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\damFormMemory 1.0.zip.vir/damFormMemory 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\damFormMemory 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\DeafSpot_Google_Toolbar_4.5.8.zip.vir/DeafSpot_Google_Toolbar_4.5.8.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\DeafSpot_Google_Toolbar_4.5.8.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Dhey Huntin 8 1.zip.vir/Dhey Huntin 8 1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Dhey Huntin 8 1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\DiffUnlock 1.0.zip.vir/DiffUnlock 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\DiffUnlock 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Digital_Indicator_.NET_component_1.009.zip.vir/Digital_Indicator_.NET_component_1.009.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Digital_Indicator_.NET_component_1.009.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Disk_benchmark_2006_1.0.2.zip.vir/Disk_benchmark_2006_1.0.2.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Disk_benchmark_2006_1.0.2.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Dorgem 2.1.zip.vir/Dorgem 2.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Dorgem 2.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Dreamscape_Analysis_2.0.1d.zip.vir/Dreamscape_Analysis_2.0.1d.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Dreamscape_Analysis_2.0.1d.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\DzSoft PHP Editor 4.1.1.2.zip.vir/DzSoft PHP Editor 4.1.1.2.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\DzSoft PHP Editor 4.1.1.2.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Easy_E-Mail_Notify_5.0.zip.vir/Easy_E-Mail_Notify_5.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Easy_E-Mail_Notify_5.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Easy_Photo_Editor_1.9.zip.vir/Easy_Photo_Editor_1.9.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Easy_Photo_Editor_1.9.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\EGO_3.6_KeyGen.zip.vir/EGO_3.6_KeyGen.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\EGO_3.6_KeyGen.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\emboot_MBA_on_Disk_for_VM_1.5.zip.vir/emboot_MBA_on_Disk_for_VM_1.5.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\emboot_MBA_on_Disk_for_VM_1.5.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Fantasize Soundfont Player VSTi 2.3.zip.vir/Fantasize Soundfont Player VSTi 2.3.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Fantasize Soundfont Player VSTi 2.3.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FastReport Studio 4.5.9.zip.vir/FastReport Studio 4.5.9.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FastReport Studio 4.5.9.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FileClone_1.0.zip.vir/FileClone_1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FileClone_1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Flash_Horizontal_Menu_Wizard_2.0.zip.vir/Flash_Horizontal_Menu_Wizard_2.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Flash_Horizontal_Menu_Wizard_2.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Flower_Lines_1.zip.vir/Flower_Lines_1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Flower_Lines_1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FolderToDrive 1.0.zip.vir/FolderToDrive 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FolderToDrive 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Ford Model T Screensaver 1.zip.vir/Ford Model T Screensaver 1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Ford Model T Screensaver 1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FreeVoice 1.2 Beta.zip.vir/FreeVoice 1.2 Beta.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\FreeVoice 1.2 Beta.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\GMail_Bookmark_1.1.zip.vir/GMail_Bookmark_1.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\GMail_Bookmark_1.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\GSA_Image_Spider_2.45_Patch.zip.vir/GSA_Image_Spider_2.45_Patch.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\GSA_Image_Spider_2.45_Patch.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Halloween Firefox theme 2.0.zip.vir/Halloween Firefox theme 2.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Halloween Firefox theme 2.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Home_Organizer_Deluxe_2.3.zip.vir/Home_Organizer_Deluxe_2.3.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Home_Organizer_Deluxe_2.3.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Hunter HTML Optimizer 1.0.zip.vir/Hunter HTML Optimizer 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Hunter HTML Optimizer 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\idManage 4.4.zip.vir/idManage 4.4.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\idManage 4.4.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\iFlysoft Flash Converter 1.2.1.zip.vir/iFlysoft Flash Converter 1.2.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\iFlysoft Flash Converter 1.2.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ImageSafety_1.0_(Patch).zip.vir/ImageSafety_1.0_(Patch).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ImageSafety_1.0_(Patch).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Image_miner_1.30.zip.vir/Image_miner_1.30.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Image_miner_1.30.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Instant Video Autorun 1.74.0.zip.vir/Instant Video Autorun 1.74.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Instant Video Autorun 1.74.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Instrumentation .Net Package 1.000.zip.vir/Instrumentation .Net Package 1.000.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Instrumentation .Net Package 1.000.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ITWorkTimer_1.1_(Serial).zip.vir/ITWorkTimer_1.1_(Serial).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ITWorkTimer_1.1_(Serial).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Java Modelling Tools 0.7.3.zip.vir/Java Modelling Tools 0.7.3.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Java Modelling Tools 0.7.3.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\JavaScript_Dissolving_PopMenu_1.0_Key+Serial.zip.vir/JavaScript_Dissolving_PopMenu_1.0_Key+Serial.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\JavaScript_Dissolving_PopMenu_1.0_Key+Serial.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\JimPack 2.0.zip.vir/JimPack 2.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\JimPack 2.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\kCharge_2.0.zip.vir/kCharge_2.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\kCharge_2.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Kernel_Paradox_4.03.zip.vir/Kernel_Paradox_4.03.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Kernel_Paradox_4.03.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\KnowItAll_2.0.632.zip.vir/KnowItAll_2.0.632.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\KnowItAll_2.0.632.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Length Optimizer Multiple List Version 1.0.zip.vir/Length Optimizer Multiple List Version 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Length Optimizer Multiple List Version 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LibMaster.com ActiveStockChart 1.0.zip.vir/LibMaster.com ActiveStockChart 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LibMaster.com ActiveStockChart 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LingvoSoft_Dictionary_2007_German_-_Italian_4.0.22.zip.vir/LingvoSoft_Dictionary_2007_German_-_Italian_4.0.22.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LingvoSoft_Dictionary_2007_German_-_Italian_4.0.22.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LingvoSoft_Picture_Dictionary_2007_English_-_Estonian_1.1.17.zip.vir/LingvoSoft_Picture_Dictionary_2007_English_-_Estonian_1.1.17.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LingvoSoft_Picture_Dictionary_2007_English_-_Estonian_1.1.17.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LopeEdit Pro 5.4.1.zip.vir/LopeEdit Pro 5.4.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\LopeEdit Pro 5.4.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Magic 3GP Video Converter 8.0.1.16.zip.vir/Magic 3GP Video Converter 8.0.1.16.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Magic 3GP Video Converter 8.0.1.16.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\MapCreator_Free_Edition_1.0.zip.vir/MapCreator_Free_Edition_1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\MapCreator_Free_Edition_1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Memory Monitor 1.0.zip.vir/Memory Monitor 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Memory Monitor 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\MIE55SpeedUp_1.0.zip.vir/MIE55SpeedUp_1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\MIE55SpeedUp_1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Mineral_Miner_1.01.zip.vir/Mineral_Miner_1.01.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Mineral_Miner_1.01.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\mnoGoSearch_Lite_3.2.42.1_Cracked.zip.vir/mnoGoSearch_Lite_3.2.42.1_Cracked.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\mnoGoSearch_Lite_3.2.42.1_Cracked.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Morovia Code 128 Barcode Fontware 1.0 [Crack].zip.vir/Morovia Code 128 Barcode Fontware 1.0 [Crack].exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Morovia Code 128 Barcode Fontware 1.0 [Crack].zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\MorphBuster_7.5.zip.vir/MorphBuster_7.5.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\MorphBuster_7.5.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Mucha Art Nouveau 1.0.zip.vir/Mucha Art Nouveau 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Mucha Art Nouveau 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Multi-Replace 2.2.5.0 [Key].zip.vir/Multi-Replace 2.2.5.0 [Key].exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Multi-Replace 2.2.5.0 [Key].zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\myCalendar 2.3.zip.vir/myCalendar 2.3.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\myCalendar 2.3.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\NBC Today Show 7.08.27.zip.vir/NBC Today Show 7.08.27.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\NBC Today Show 7.08.27.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\NET_Video_Spy_2.0_(With_Crack).zip.vir/NET_Video_Spy_2.0_(With_Crack).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\NET_Video_Spy_2.0_(With_Crack).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\New Utilities 2.5.zip.vir/New Utilities 2.5.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\New Utilities 2.5.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Nexeye_Monitoring_Enterprise_1.2.zip.vir/Nexeye_Monitoring_Enterprise_1.2.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Nexeye_Monitoring_Enterprise_1.2.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Omar Sharif Bridge II 1.zip.vir/Omar Sharif Bridge II 1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Omar Sharif Bridge II 1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Online_Store_Kit_3.0_Lite_3.0.zip.vir/Online_Store_Kit_3.0_Lite_3.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Online_Store_Kit_3.0_Lite_3.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PageFour_1.61_(KeyGen).zip.vir/PageFour_1.61_(KeyGen).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PageFour_1.61_(KeyGen).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PC Digital Safe 2.50i.zip.vir/PC Digital Safe 2.50i.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PC Digital Safe 2.50i.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PL.Ewido.Anti-Spyware.v.4.0.0.172.+.serial.zip.vir/PL.Ewido.Anti-Spyware.v.4.0.0.172.+.serial.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PL.Ewido.Anti-Spyware.v.4.0.0.172.+.serial.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PowerSearch_2.2.1_With_Crack.zip.vir/PowerSearch_2.2.1_With_Crack.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\PowerSearch_2.2.1_With_Crack.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\RBTray 3.1.zip.vir/RBTray 3.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\RBTray 3.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SafeSurfer Popup Ad Killer 1.8.zip.vir/SafeSurfer Popup Ad Killer 1.8.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SafeSurfer Popup Ad Killer 1.8.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Saint_Paint_Studio_12.1.zip.vir/Saint_Paint_Studio_12.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Saint_Paint_Studio_12.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ScanWiz_1.1_(Cracked).zip.vir/ScanWiz_1.1_(Cracked).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ScanWiz_1.1_(Cracked).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SIMPLEX 1.7.2.zip.vir/SIMPLEX 1.7.2.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SIMPLEX 1.7.2.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Skorbord 1.0.zip.vir/Skorbord 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Skorbord 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Skype Toolbar for Internet Explorer 2.1.0.12.zip.vir/Skype Toolbar for Internet Explorer 2.1.0.12.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Skype Toolbar for Internet Explorer 2.1.0.12.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Smart_Pc_Keylogger_3.2.zip.vir/Smart_Pc_Keylogger_3.2.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Smart_Pc_Keylogger_3.2.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SMSLibX_1.9.zip.vir/SMSLibX_1.9.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SMSLibX_1.9.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SpaceGuard SRM 6.0 Build 1113.zip.vir/SpaceGuard SRM 6.0 Build 1113.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\SpaceGuard SRM 6.0 Build 1113.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Spectrino_for_R_1.5.0.zip.vir/Spectrino_for_R_1.5.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Spectrino_for_R_1.5.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Speech_Timer_1.0_With_Crack.zip.vir/Speech_Timer_1.0_With_Crack.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Speech_Timer_1.0_With_Crack.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\StarCraft_patch_1.13.zip.vir/StarCraft_patch_1.13.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\StarCraft_patch_1.13.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Sysutil Wakeup 1.01.zip.vir/Sysutil Wakeup 1.01.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Sysutil Wakeup 1.01.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Tadpole 0.5.zip.vir/Tadpole 0.5.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Tadpole 0.5.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\The Sorting Machine 1.0.zip.vir/The Sorting Machine 1.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\The Sorting Machine 1.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\The_Sims_-_Celtics_T-Shirt_skin.zip.vir/The_Sims_-_Celtics_T-Shirt_skin.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\The_Sims_-_Celtics_T-Shirt_skin.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Twin Folders 3.0 (Key).zip.vir/Twin Folders 3.0 (Key).exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Twin Folders 3.0 (Key).zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Unit_Player_1.06.344.zip.vir/Unit_Player_1.06.344.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Unit_Player_1.06.344.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Unreal_Tournament_2004_ONS_Jungle_Redux_Map.zip.vir/Unreal_Tournament_2004_ONS_Jungle_Redux_Map.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Unreal_Tournament_2004_ONS_Jungle_Redux_Map.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Vigenère Cipher 2.0.2.3.zip.vir/VigenFre Cipher 2.0.2.3.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Vigenère Cipher 2.0.2.3.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Vinny_Federal_Income_Tax_2004_Feb_7.2005.zip.vir/Vinny_Federal_Income_Tax_2004_Feb_7.2005.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Vinny_Federal_Income_Tax_2004_Feb_7.2005.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\WinProxy Secure Suite 6.1.zip.vir/WinProxy Secure Suite 6.1.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\WinProxy Secure Suite 6.1.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\X-Treme Media Finder 2.0.1.1.0.4.zip.vir/X-Treme Media Finder 2.0.1.1.0.4.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\X-Treme Media Finder 2.0.1.1.0.4.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Zee-Troll 2.0.zip.vir/Zee-Troll 2.0.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\Zee-Troll 2.0.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ZipRecovery_1.5.zip.vir/ZipRecovery_1.5.exe Infected: Trojan-Downloader.Win32.Bagle.ps skipped
C:\QooBox\Quarantine\C\Documents and Settings\Rick Hawn\Application Data\m\shared\ZipRecovery_1.5.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\22542859.exe.vir Infected: Email-Worm.Win32.Bagle.vr skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\22554609.exe.vir Infected: Trojan-Downloader.Win32.Bagle.ij skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\22562578.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\22646890.exe.vir Infected: Trojan-Downloader.Win32.Bagle.ij skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\22656875.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\22695218.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\26372578.exe.vir Infected: Trojan-Downloader.Win32.Bagle.ij skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\26422421.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\catchme2008-05-19_ 25828.13.zip/wintems.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\catchme2008-05-19_ 25828.13.zip/mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\catchme2008-05-19_ 25828.13.zip/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\QooBox\Quarantine\catchme2008-05-19_ 25828.13.zip/mdelk.exe.1 Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\QooBox\Quarantine\catchme2008-05-19_ 25828.13.zip ZIP: infected - 4 skipped
C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\00010002.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0000009.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0000010.sys Infected: Trojan-Downloader.Win32.Bagle.mm skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0000081.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped

To Be continuted---

Here's the rest of it---

C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0000082.sys Infected: Trojan-Downloader.Win32.Bagle.mm skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0001028.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0001222.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0001223.sys Infected: Trojan-Downloader.Win32.Bagle.mm skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0001239.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP1\A0001240.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001267.exe Infected: Email-Worm.Win32.Bagle.vr skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001268.exe Infected: Trojan-Downloader.Win32.Bagle.ij skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001269.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001272.exe Infected: Trojan-Downloader.Win32.Bagle.ij skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001273.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001275.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001284.exe Infected: Trojan-Downloader.Win32.Bagle.ij skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001285.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001325.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001892.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\A0001894.exe Infected: Trojan-Downloader.Win32.Bagle.po skipped
C:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\change.log Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\CSC\00000002 Object is locked skipped
C:\WINDOWS\CSC\00000003 Object is locked skipped
C:\WINDOWS\CSC\d2\00000011 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{27AE3A06-35A7-49BE-810F-8956FBC663C5}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\My Shared Folder\Mobily\sysreset253.exe/data.rar/mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.614 skipped
D:\My Shared Folder\Mobily\sysreset253.exe/data.rar Infected: not-a-virus:Client-IRC.Win32.mIRC.614 skipped
D:\My Shared Folder\Mobily\sysreset253.exe RarSFX: infected - 2 skipped
D:\Program Files\Agent\Data\0000044D.DAT/[From "amy" ][Date Sat, 20 Nov 2004 10:07:32 GMT]/UNNAMED/CHRISTINA_AGUILERA.scr Infected: Backdoor.Win32.Hackarmy.w skipped
D:\Program Files\Agent\Data\0000044D.DAT/[From "amy" ][Date Sat, 20 Nov 2004 10:07:32 GMT]/UNNAMED Infected: Backdoor.Win32.Hackarmy.w skipped
D:\Program Files\Agent\Data\0000044D.DAT Mail: infected - 2 skipped
D:\RECYCLER\NPROTECT\00000007.EXE Infected: Trojan-Downloader.Win32.Bagle.po skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{4EB0CD3E-4621-49AB-B25C-DADBD3B481DE}\RP2\change.log Object is locked skipped
G:\15f9423f8f24749db647182d0348\Eventlog.txt Object is locked skipped

Oh, crud, sorry I missed that instruction!:sick:

I posted it on the rapidshare site, aftewards, here's the link. I'll delete the overlong posts if I can figure out how.

http://rapidshare.com/files/116202966/Kaz_report.txt.html

Jindai

Hi

Uninstall GoogleToolbar.


Delete following folder:
C:\!KillBox

and files:
C:\Program Files\eMule\Incoming\Images\Stuff\Rar Password Cracker v4.11 - Keygen.zip
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0A36046B.exe


Now lets uninstall ComboFix:

Click START then RUN
Now type Combo-Fix /u in the runbox and click OK


How's the system running?

Did the first two, but "Windows cannot find "Combo-Fix.exe" I did navigate around with explorer to find any command with combo in the name, but it's just not there. Did it delete itself after running?

System seems to be running okay. IE was sluggish to launch, taking as much as 5 minutes looking locked up before displaying a page, but with the Google toolbar uninstalled it's launching quicker now. (mere seconds) As you advised, I'm still not using it for anything serious, like paying bills.

Jindai

Ok. Please check if there's c:\QooBox or c:\ComboFix folder left. Delete both if found. Finally, post a fresh hjt log, please :)

Okay, all found deleted, fresh log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:22:48 PM, on 5/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\sstray.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\SAgent4.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE
C:\Program Files\Itiva\Itiva Media Accelerator\ItivaMediaAccelerator.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Program Files\TiVo\Desktop\TiVoNotify.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\SSSleeper\SSSleeper.exe
C:\Program Files\BOINC\boinc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TiVo\Desktop\TiVoServer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\AtomTime Pro\AtomTime.EXE
C:\WINDOWS\system32\mobsync.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [AtomTime] "C:\Program Files\AtomTime Pro\AtomTime.EXE"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Itiva Media Accelerator] C:\Program Files\Itiva\Itiva Media Accelerator\ItivaMediaAccelerator.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /M "Stylus CX3800" /EF "HKCU"
O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: SSSleeper.lnk = C:\Program Files\SSSleeper\SSSleeper.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197886558656
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe

--
End of file - 10723 bytes


I did have a process launch a minute ago, lot of HD activity. Looking into the process viewer, there was a 1192something.exe running under "System" didn't recognize it, so I killed it. Normally, system files won't die that way, so I thought it safe enough to try. It died,and HD activity went away. Thought I'd mention it.

Hi

Ok. At the moment log looks good.


Well congrats, it appears your system is all clean Are you still noticing any problems? If not, it's time to secure your system to prevent against further intrusions.


THESE STEPS ARE VERY IMPORTANT

Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
NOTE: only do this ONCE,NOT on a regular basis



Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 6 (http://java.sun.com/javase/downloads/index.jsp).
Scroll down to where it says
The J2SE Runtime Environment (JRE) allows end-users to run Java applications.

Click the
Download
button to the right.
Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue.

The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u6-windows-i586-p.exe to install the newest version.


UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site (http://windowsupdate.microsoft.com/) to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.


Make your Internet Explorer more secure

This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.



The following are recommended third party programs that are designed to keep your computer clean. A link as well as a brief description is included with each item.

Comodo BOCLEAN (http://www.comodo.com/boclean/boclean.html) <= Stop identity thieves from getting personal information. Instantly detects well over 1,000,000 unique, variant and repack malware in total. And it's free.
Download Adaware
Adaware is a free program. It scans for known spyware on your computer. These scans should be run at least once every two weeks. For more information, see this tutorial (http://www.bleepingcomputer.com/forums/index.php?showtutorial=48)
The program is available for download here (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10319876.html?tag=lst-0-1)
Download SpywareBlaster
Spyware blaster is a program that stops known malicious activex controls from installing on your computer. It works by changing settings in your registry. It makes
kill bits
in the registry, so that certain activex controls can't install.
If you don't know what activex controls are, see here (http://www.webopedia.com/TERM/A/ActiveX_control.html)
You can download SpywareBlaster here here (http://majorgeeks.com/downloadget.php?id=2859&file=11&evp=61b0e8ad41924a03c37615f4682b4cef)
SpywareBlaster tutorial (http://www.bleepingcomputer.com/forums/tutorial49.html)

Download iespyad
It puts many bad webpages on your restricted zones list. This means that you can still view the
bad
webpages, but the webpages cannot do certain things (such as use javascripts and cookies).
If you need help understanding how it works, there is a tutorial here (http://www.bleepingcomputer.com/tutorials/tutorial53.html)
Download it here (http://www.spywarewarrior.com/uiuc/res/ie-spyad.exe)

hosts file:
Every version of windows has a hosts file as part of them. In a very basic sense, they are used to locate webpages. We can customize a hosts file so that it blocks certain webpages. However, it can slow down certain computers. This is why using a hosts file is optional!!
Download it here (http://www.mvps.org/winhelp2002/hosts.htm). Make sure you read the instructions on how to install the hosts file. There is a good tutorial here (http://www.bleepingcomputer.com/forums/tutorial51.html)
If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
Click the start button (at the lower left hand corner of your screen) Click run In the dialog box, type services.msc hit enter, then locate dns client Highlight it, then double-click it. On the dropdown box, change the setting from automatic to manual. Click ok


Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For more info, check this (http://www.bleepingcomputer.com/forums/tutorial60.html) webpage out.
See here (http://www.freebyte.com/antivirus/#firewalls) to choose one



Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Run the spybot and adaware regularly. (Once or twice a week minimum.)
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.



Once again, please post and tell me how things are going with your system... problems etc.

Have a great day,
Blade :cool:

Well, things are almost okay. Thing is, before I posted my first plea hear, I'd run my XP disk to reinstall/repair the installation, as so many things were wonky. That's why I had IE6 and SP2 and all that, I was downgraded by my own actions. Once I was virus-free, I did the process of reupdating. But IE would NOT work right. It would go to my homepage, but ever since the kapinsky scan, trying to open any OTHER page would lead to a cycle of IE not responding, flickering, then not responding, spawning a second window that did the same, an d repeating. So, I tried windows update, and that failed. So I manually downloaded IE 7 with firefox, and installed it, which worked. Now I could use IE for navigation. But update still did not work. I went into the services manager, and reset thing to start and automatic as needed, and update would RUN, and even find needed updates, but they would ALL fail on install. I had previously downloaded SP3 for installation (Multiple machines, download once is so much easier) So, I ran that, and it installed okay, but still update would NOT work. neither web page, nor automatic updates. They'd download, but fail the install. Also, The reinstall of Norton Antivirus kept failing, and I've had that before. It's a Beyotch to fix that without a reformat.
So, my conclusion is that you were right at the very beginning, and I need to wipe, reformat and reinstall. I had hoped I wouldn't have to, but I do. At least I know I'm not backing up viruses to DVD (as that's where my backup is going.) Thanks for all your help.

Of course, it's taking DAYS for the backup to DVD to finish, so if you can think of anything else to fix the update issue, let me know.

Hi


Please find & post C:\Windows\WindowsUpdate.log file as an attachment (you may need to archive it into zip file). :)

Okie doke, here it is.

Note: It's actually a Rar file renamed to zip. Zip was not compressing it enough to get below the 97 kb limit, so I compressed using rar, and renamed the extension. If you don't have winrar, I'll have to split the log, I guess, and post as two zips. (On an aside, zip is OLD freaking tech, and rar is at least 5 years established. Why does this site not recognize that format?)

Hi

I don't have WinRAR here but I'll check the log on other machine when I get back home :)

Welp, backup is almost done. Might as well just wipe and reinstall now, already used a ton of DVDr's as it is. Thanks for trying, but I guess this is how it'll have to be. Besides, I keep getting weird IE errors. Like it loads the Google page, then I get an error dialog and a critical stop beep all stating that it can't find or load Google.com, yet the page is already loaded. Just one example, it happens on other pages as well. Loads but says it can't.

Hi

Since you've backuped things I'd recommend indeed reformatting. Things seem to be quite badly messed up.

Due to inactivity, this thread will now be closed.

Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.