Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Wednesday 3.9.2025 / 19:24
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > hijackthis.log file need help
Show topics
 
Forums
Forums
hijackthis.log file need help
  Jump to:
 
Posted Message
excel21
Newbie
_ 		6. July 2007 @ 18:44 _ Link to this message    Send private message to this user   
I am starting to get annoying pop up windows can anyone please help me I scanned my system with HijackThis v1.99.1 and also ran an online scanner with Kaspersky it said it found 14 viruses. Thanks


Logfile of HijackThis v1.99.1
Scan saved at 6:55:12 PM, on 7/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\LTMSG.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ocxloader.exe
C:\WINDOWS\System32\qmlaplop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\DOWNLO~1\MyWebEx\319\raagtx.exe
C:\Program Files\interMute\SpamSubtract\SpamSub.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [lanmanwrk.exe] C:\WINDOWS\System32\lanmanwrk.exe
O4 - HKLM\..\Run: [ocxloader.exe] C:\WINDOWS\System32\ocxloader.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: WebEx PCNow.LNK = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1179177815328
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1179178508265
O16 - DPF: {E5168F0C-8591-11D4-BCDF-006008B7FEA4} (PWLNINST Control) - http://iplato.columbus.k12.oh.us/Pathway...ab/pwlninst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{67AE9D04-8247-49C7-86A9-576B845D97B3}: NameServer = 194.54.90.226
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA787BB6-6A43-4969-9E02-48DB08E735DA}: NameServer = 194.54.90.226
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE08B426-5298-4E46-8689-62AF5C11EEA3}: NameServer = 194.54.90.226
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe



Total number of scanned objects 162246
Number of viruses found 14
Number of infected objects 115 / 0
Number of suspicious objects 0
Duration of the scan process 02:25:14

Infected Object Name Virus Name Last Action
C:\2c0952e41fffdf2d814975ccb9\$shtdwn$.req Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\audiodev.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\blackbox.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\cewmdm.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\drmupgds.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\drmv2clt.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\laprxy.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.401 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.404 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.405 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.406 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.407 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.408 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.409 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.40b Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.40c Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.40d Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.40e Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.410 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.411 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.412 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.413 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.414 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.415 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.416 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.419 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.41b Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.41d Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.41f Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.424 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.804 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.816 Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\locbin\wpdshextres.dll.c0a Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\logagent.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mfplat.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mp43decd.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mp43dmod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mp4sdecd.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mp4sdmod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mpg4decd.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mpg4dmod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\msnetobj.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mspmsnsv.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mspmsp.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\msscp.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\mswmdm.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\portabledeviceapi.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\portabledeviceclassextension.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\portabledevicetypes.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\portabledevicewiacompat.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\portabledevicewmdrm.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\qasf.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\spuninst.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\spupdsvc.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\update\update.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\update\update.inf Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\update\update.ver Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\update\updspapi.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\update\wmfdist11.cat Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\update\wmfdist11.cdf Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\update\wpdinstallutil.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\uwdf.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wdfapi.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wdfmgr.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmadmod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmadmoe.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmasf.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmdmlog.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmdmps.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmdrmdev.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmdrmnet.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmdrmsdk.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmidx.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmnetmgr.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmsdmod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmsdmoe2.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmsetsdk.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmspdmod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmspdmoe.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvadvd.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvadve.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvcore.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvdecod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvdmod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvdmoe2.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvencod.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvsdecd.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvsencd.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wmvxencd.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdconns.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdinstallutil.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdmtp.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdmtp.inf Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdmtpdr.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdmtphw.inf Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdmtpus.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdshext.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdshextautoplay.exe Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdshserviceobj.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdsp.dll Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpdusb.sys Object is locked skipped

C:\2c0952e41fffdf2d814975ccb9\wpd_ci.dll Object is locked skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652/Counter.class Infected: Trojan.Java.ClassLoader.h skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652/Parser.class Infected: Trojan.Java.ClassLoader.d skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652 ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87 ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69 ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7/Counter.class Infected: Trojan.Java.ClassLoader.i skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7 ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\34\3110eaa2-496f437a/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\34\3110eaa2-496f437a/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\34\3110eaa2-496f437a ZIP: infected - 2 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4 ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-4f011c4-42b2a3b8.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-4f011c4-42b2a3b8.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-4f011c4-42b2a3b8.zip ZIP: infected - 2 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip ZIP: infected - 3 skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\Documents and Settings\Default User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip ZIP: infected - 3 skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{619E23A0-5DE1-4694-9030-89E0C4014C5D}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{619E23A0-5DE1-4694-9030-89E0C4014C5D}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007070620070707\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temp\~DF1809.tmp Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temp\~DF1827.tmp Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temp\~DF4226.tmp Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temp\~DF6F7D.tmp Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temp\~DF70B4.tmp Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temp\~DF93C2.tmp Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Owner\My Documents\Azureus Downloads\AnyDVD & AnyDVD HD 6.1.6.5 Final Incl Patch.rar/keymaker+patch.exe Infected: Trojan-Dropper.Win32.Delf.aec skipped

C:\Documents and Settings\Owner\My Documents\Azureus Downloads\AnyDVD & AnyDVD HD 6.1.6.5 Final Incl Patch.rar RAR: infected - 1 skipped

C:\Documents and Settings\Owner\My Documents\Azureus Downloads\VSO.ConvertXToDVD.2.2.3.258\VSO.ConvertXToDVD.2.2.3.exe/wr-1-426.exe Infected: Trojan-Downloader.Win32.Small.eqn skipped

C:\Documents and Settings\Owner\My Documents\Azureus Downloads\VSO.ConvertXToDVD.2.2.3.258\VSO.ConvertXToDVD.2.2.3.exe ZIP: infected - 1 skipped

C:\Documents and Settings\Owner\My Documents\Azureus Downloads\VSO.ConvertXToDVD.2.2.3.258.rar/VSO.ConvertXToDVD.2.2.3.258/VSO.ConvertXToDVD.2.2.3.exe/wr-1-426.exe Infected: Trojan-Downloader.Win32.Small.eqn skipped

C:\Documents and Settings\Owner\My Documents\Azureus Downloads\VSO.ConvertXToDVD.2.2.3.258.rar/VSO.ConvertXToDVD.2.2.3.258/VSO.ConvertXToDVD.2.2.3.exe Infected: Trojan-Downloader.Win32.Small.eqn skipped

C:\Documents and Settings\Owner\My Documents\Azureus Downloads\VSO.ConvertXToDVD.2.2.3.258.rar RAR: infected - 2 skipped

C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP0\A0000107.reg Infected: Trojan.WinREG.StartPage skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP104\A0011347.exe Infected: Trojan-Dropper.Win32.Small.a skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP105\A0011394.exe Infected: Trojan-Dropper.Win32.Small.a skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP105\A0011395.exe Infected: Trojan-Dropper.Win32.Small.a skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP170\A0023754.sys Infected: Rootkit.Win32.Agent.gk skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP170\A0023755.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP170\A0023757.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP170\A0024755.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP170\A0024759.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP171\A0024788.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP171\A0024792.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP171\A0024968.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP171\A0024971.exe Infected: Trojan.Win32.Agent.aia skipped

C:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP171\change.log Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\colbact.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\comuid.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\es.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\ole32.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB828741$\txflog.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB833407$\bssym7.ttf Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{7B4E0E3C-20CB-44A6-B637-7F71C9E65CC9}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652/Counter.class Infected: Trojan.Java.ClassLoader.h skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652/Parser.class Infected: Trojan.Java.ClassLoader.d skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\16\4311ed50-3ed9d652 ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\17\75d07d11-3484ee87 ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-2f887e69 ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7/Counter.class Infected: Trojan.Java.ClassLoader.i skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\24\3e021ed8-3eca8bc7 ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\34\3110eaa2-496f437a/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\34\3110eaa2-496f437a/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\34\3110eaa2-496f437a ZIP: infected - 2 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\51\7537abb3-259f48e4 ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip/Counter.class Infected: Trojan.Java.ClassLoader.i skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.k skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip/Beyond.class Infected: Trojan.Java.ClassLoader.k skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arr3.jar-44f46a27-377719a0.zip ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-4f011c4-42b2a3b8.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-4f011c4-42b2a3b8.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-4f011c4-42b2a3b8.zip ZIP: infected - 2 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv430.jar-12e0a5f3-2f419bc8.zip ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-30bbf59a-6581cd27.zip ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4f24f126.zip ZIP: infected - 3 skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped

C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-608c527-122553f9.zip ZIP: infected - 3 skipped

C:\WINDOWS\system32\gtnfswkk.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\iepref32.dll Object is locked skipped

C:\WINDOWS\system32\lanmanwrk.exe Infected: Trojan.Win32.Agent.aia skipped

C:\WINDOWS\system32\msvcrtd.exe Object is locked skipped

C:\WINDOWS\system32\qmlaplop.exe Infected: Trojan.Win32.Agent.aia skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_620.dat Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

D:\System Volume Information\_restore{88A9728D-068D-4BE5-99BD-49CC3FD4BC94}\RP171\change.log Object is locked skipped

Scan process completed.
[ + quote]
hilu
Junior Member
_ 		7. July 2007 @ 02:56 _ Link to this message    Send private message to this user   
Hi excel21


Rename HijackThis.exe

1. Right click on the HijackThis icon.




2. Select Rename.




3. Now type the following scanner.exe <<< NOTE: make sure to put period before exe when typing.
Hit the enter key on keyboard.




---------------------------------------------------------------------------------

Please download VundoFix.exe to your desktop.
* Double-click VundoFix.exe to run it.
* Click the Scan for Vundo button.
* Once it's done scanning, click the Remove Vundo button.
* You will receive a prompt asking if you want to remove the files, click YES
* Once you click yes, your desktop will go blank as it starts removing Vundo.
* When completed, it will prompt that it will reboot your computer, click OK.
* Please post the contents of C:\vundofix.txt and a new HijackThis log.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

-----------------------------------------------------------------------------

post:

C:\vundofix.txt
fresh HijackThis log
[ + quote]
excel21
Newbie
_ 		7. July 2007 @ 10:56 _ Link to this message    Send private message to this user   
I am having trouble trying to open VundoFix.exe my browser has been hijack is there something else I can do maybe a website.thanks
[ + quote]
Advertisement
_ 		__
 
_
hilu
Junior Member
_ 		8. July 2007 @ 00:54 _ Link to this message    Send private message to this user   
Hi,

Download ComboFix from Here or Here to your Desktop.[list][*]Double click combofix.exe and follow the prompts.[*]When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply[/list][color=Blue]Note: Do not mouseclick combofix's window while its running. That may cause it to stall[/color]

-----------------------------------------------------------------------------------

Download Blacklight Beta

* Download fsbl.exe and save it to the C:\
Go to Start-->Run, copy in the following text and press Enter:
C:\fsbl.exe /expert
(space between fsbl.exe and /expert)

Accept the agreement, leave [X]scan through Windows Explorer checked.
Click > scan, Then > next
You'll see a list of all items found.

Don't choose Rename if something was found!

Exit.
There will be a log in C:\ with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers).
Copy and paste the contents of this log into your next reply.

post:

Blacklight log
C:\combofix.txt
fresh HijackThis log
[ + quote]
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > hijackthis.log file need help
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork