Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I either have or had a keylogger


  • This topic is locked This topic is locked
2 replies to this topic

#1 giantsfan97

giantsfan97

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 13 August 2009 - 01:46 PM

A few weeks back someone hacked my WoW account through what must have been a keylogger virus. I ran AVG Free and found some malware (I can't remember what) and thought I had taken care of the problem.

About a week ago I was hacked again in the same way, I hadn't downloaded anything possibly malicious between the hacks.

I purchased Kaspersky Internet Protection 2009 and I have been doing full scans on the highest setting almost every day.

A few of the times it has said that it found viruses, and I assumed that it got rid of them (I didn't sit and watch the virus scan) because afterward Kaspersky either says that 'my computer is protected' or it says that there is a threat and I click on 'fix the threat' and it does something and then says 'my computer is protected'.

I did another scan today and it said that a virus was found and I had it fixed. I will copy my Kaspersky reports following the DDS log.

Here is my DDS log, I disabled Kaspersky before running it and enabled it after it was done:


DDS (Ver_09-07-30.01) - NTFSx86
Run by Rafae Khan at 14:24:14.09 on Thu 08/13/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.485 [GMT -4:00]

AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Rafae Khan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\twext.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] nwiz.exe /installquiet /nodetect
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\extend~1.lnk - c:\windows\ehome\RMSysTry.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\office10\OSA.EXE
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rafaek~1\applic~1\mozilla\firefox\profiles\zjnavr2h.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\rafae khan\application data\mozilla\firefox\profiles\zjnavr2h.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\documents and settings\rafae khan\application data\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\octoshape streaming services\rafae khan\octoprogram-l03-nms0806260_sua_000\npoctoshape.dll
FF - plugin: c:\program files\octoshape streaming services\rafae khan\octoprogram-l03-nms0810164_sua_000\npoctoshape.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-8-6 226832]
R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-11-11 208616]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\McrdSvc.exe [2005-10-20 96256]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-5-11 1251720]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-8-11 24652]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
S3 iComp;HP Analog TV Tuner;c:\windows\system32\drivers\p2usbwdm.sys [2006-1-17 1536000]

=============== Created Last 30 ================

2009-08-12 23:49 128,512 -------- c:\windows\system32\dllcache\dhtmled.ocx
2009-08-12 23:49 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll
2009-08-11 19:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\acccore
2009-08-11 19:57 <DIR> --d----- c:\program files\common files\AOL
2009-08-11 19:57 <DIR> --d----- c:\program files\AIM6
2009-08-11 19:57 366 a---h--- C:\IPH.PH
2009-08-08 20:19 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat
2009-08-08 11:21 <DIR> --d----- c:\windows\system32\XPSViewer
2009-08-08 11:20 <DIR> --d----- C:\c6a561c9927735de1bb93b00334142
2009-08-08 11:20 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-08-08 11:20 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-08 11:20 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-08 11:20 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-08-08 11:20 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-08 11:20 117,760 -------- c:\windows\system32\prntvpt.dll
2009-08-08 11:20 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-08 11:19 <DIR> --d----- c:\windows\SxsCaPendDel
2009-08-06 01:07 105,395 a------- c:\windows\system32\drivers\klin.dat
2009-08-06 01:07 94,643 a------- c:\windows\system32\drivers\klick.dat
2009-08-06 01:06 3,243,552 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-08-06 01:06 647,200 a--sh--- c:\windows\system32\drivers\fidbox2.dat
2009-08-06 01:06 27,468 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-08-06 01:06 4,340 a--sh--- c:\windows\system32\drivers\fidbox2.idx
2009-08-06 01:06 <DIR> --d----- c:\program files\Kaspersky Lab
2009-08-06 01:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2009-08-06 01:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-08-05 05:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-02 18:46 <DIR> --dsh--- c:\documents and settings\rafae khan\IECompatCache
2009-07-31 02:55 <DIR> --d----- c:\program files\AVG
2009-07-29 07:42 594,432 -------- c:\windows\system32\dllcache\msfeeds.dll
2009-07-29 07:42 55,296 -------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-26 09:23 <DIR> --dsh--- c:\documents and settings\rafae khan\PrivacIE
2009-07-26 09:17 <DIR> --dsh--- c:\documents and settings\rafae khan\IETldCache
2009-07-26 09:14 101,376 -------- c:\windows\system32\dllcache\iecompat.dll
2009-07-26 09:13 <DIR> --d----- c:\windows\ie8updates
2009-07-26 09:13 11,067,392 -------- c:\windows\system32\dllcache\ieframe.dll
2009-07-26 09:13 1,985,536 -------- c:\windows\system32\dllcache\iertutil.dll
2009-07-26 09:13 246,272 -------- c:\windows\system32\dllcache\ieproxy.dll
2009-07-26 09:13 12,800 -------- c:\windows\system32\dllcache\xpshims.dll
2009-07-26 09:12 <DIR> -cd-h--- c:\windows\ie8
2009-07-25 21:36 <DIR> --d--r-- c:\program files\Skype
2009-07-22 03:01 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-07-22 03:01 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-07-22 03:00 21,504 a------- c:\windows\system32\drivers\hidserv.dll
2009-07-17 15:01 58,880 -------- c:\windows\system32\dllcache\atl.dll

==================== Find3M ====================

2009-08-12 15:22 21,592 a------- c:\docume~1\rafaek~1\applic~1\wklnhst.dat
2009-08-06 01:25 33,808 a------- c:\windows\system32\drivers\klbg.sys
2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-19 09:18 5,937,152 -------- c:\windows\system32\dllcache\mshtml.dll
2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-07-13 23:43 10,841,088 -------- c:\windows\system32\dllcache\wmp.dll
2009-07-13 23:43 286,208 -------- c:\windows\system32\dllcache\wmpdxm.dll
2009-07-03 13:09 915,456 a------- c:\windows\system32\wininet.dll
2009-07-03 13:09 915,456 -------- c:\windows\system32\dllcache\wininet.dll
2009-07-03 13:09 1,208,832 -------- c:\windows\system32\dllcache\urlmon.dll
2009-07-03 13:09 206,848 -------- c:\windows\system32\dllcache\occache.dll
2009-07-03 13:09 25,600 -------- c:\windows\system32\dllcache\jsproxy.dll
2009-07-03 13:09 184,320 -------- c:\windows\system32\dllcache\iepeers.dll
2009-07-03 13:09 386,048 -------- c:\windows\system32\dllcache\iedkcs32.dll
2009-07-03 07:01 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 10:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 10:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-12 08:31 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 08:31 80,896 -------- c:\windows\system32\dllcache\tlntsess.exe
2009-06-12 08:31 76,288 a------- c:\windows\system32\telnet.exe
2009-06-12 08:31 76,288 -------- c:\windows\system32\dllcache\telnet.exe
2009-06-10 10:13 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 10:13 84,992 -------- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 09:19 2,066,432 -------- c:\windows\system32\dllcache\mstscax.dll
2009-06-10 02:14 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-10 02:14 132,096 -------- c:\windows\system32\dllcache\wkssvc.dll
2009-06-03 15:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 15:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2008-10-21 01:36 90,440 a------- c:\docume~1\rafaek~1\applic~1\GDIPFONTCACHEV1.DAT
2007-01-02 13:59 251 ac------ c:\program files\wt3d.ini
2007-03-25 21:56 22 a--sh--- c:\windows\sminst\HPCD.sys

============= FINISH: 14:24:55.20 ===============


I just noticed that you also ask for the entire Kaspersky report, I shall include that now:

KASPERSKY REPORT

Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/6/2009 1:18:17 AM Task completed
8/6/2009 1:15:50 AM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/6/2009 2:34:55 AM Task completed
8/6/2009 2:34:46 AM Detected: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/6/2009 2:32:11 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/6/2009 2:32:11 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/6/2009 2:31:30 AM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/6/2009 2:31:28 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/6/2009 2:11:25 AM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/6/2009 2:04:19 AM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/6/2009 2:01:27 AM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/6/2009 1:57:33 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/6/2009 1:57:09 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/6/2009 1:56:44 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/6/2009 1:56:20 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/6/2009 1:55:57 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/6/2009 1:55:36 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/6/2009 1:55:36 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/6/2009 1:55:14 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/6/2009 1:55:14 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/6/2009 1:55:04 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/6/2009 1:55:04 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/6/2009 1:54:45 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/6/2009 1:54:45 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/6/2009 1:54:18 AM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/6/2009 1:50:47 AM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/6/2009 1:49:34 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/6/2009 1:49:31 AM Detected: http://www.viruslist.com/en/advisories/34580 C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api
8/6/2009 1:41:54 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/6/2009 1:33:43 AM Untreated: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe Postponed
8/6/2009 1:33:10 AM Detected: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/6/2009 1:29:03 AM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/6/2009 1:29:01 AM Detected: http://www.viruslist.com/en/advisories/35091 C:\Program Files\quicktime\quicktimeplayer.exe
8/6/2009 1:28:55 AM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/6/2009 1:28:29 AM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/6/2009 1:28:10 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/6/2009 1:27:40 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/6/2009 1:27:30 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/6/2009 1:27:18 AM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/8/2009 12:48:21 PM Task completed
8/8/2009 12:48:21 PM Untreated: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe Written to report
8/8/2009 12:48:21 PM Detected: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/8/2009 12:45:46 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/8/2009 12:45:46 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/8/2009 12:45:01 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/8/2009 12:44:57 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/8/2009 12:43:48 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
8/8/2009 12:19:56 PM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/8/2009 12:11:20 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/8/2009 12:07:42 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/8/2009 12:03:21 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/8/2009 12:02:06 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/8/2009 12:01:55 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/8/2009 12:01:44 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/8/2009 12:01:26 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/8/2009 12:01:01 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/8/2009 12:01:00 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/8/2009 12:00:29 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/8/2009 12:00:28 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/8/2009 12:00:10 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/8/2009 12:00:10 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/8/2009 12:00:02 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/8/2009 12:00:02 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/8/2009 11:59:48 AM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/8/2009 11:56:16 AM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/8/2009 11:55:10 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 11:46:41 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/8/2009 11:38:11 AM Untreated: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe Postponed
8/8/2009 11:38:11 AM Detected: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/8/2009 11:34:29 AM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/8/2009 11:34:29 AM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/8/2009 11:34:20 AM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/8/2009 11:33:55 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 11:31:18 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/8/2009 11:30:54 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 11:30:05 AM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/8/2009 1:11:05 PM Task completed
8/8/2009 1:10:36 PM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/8/2009 1:20:13 PM Task completed
8/8/2009 1:17:53 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/8/2009 1:17:53 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/8/2009 1:17:46 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/8/2009 1:17:43 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/8/2009 1:17:38 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
8/8/2009 1:16:38 PM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/8/2009 1:16:18 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/8/2009 1:16:15 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/8/2009 1:16:05 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/8/2009 1:16:04 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/8/2009 1:16:04 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/8/2009 1:16:04 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/8/2009 1:16:04 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/8/2009 1:16:04 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/8/2009 1:16:03 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/8/2009 1:16:03 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/8/2009 1:16:03 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/8/2009 1:16:03 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/8/2009 1:16:03 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/8/2009 1:16:03 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/8/2009 1:15:55 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/8/2009 1:15:54 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/8/2009 1:15:39 PM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/8/2009 1:15:30 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 1:15:15 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/8/2009 1:11:41 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/8/2009 1:11:41 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/8/2009 1:11:38 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/8/2009 1:11:37 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 1:11:30 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 1:11:29 PM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/8/2009 1:26:27 PM Task completed
8/8/2009 1:25:44 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/8/2009 1:25:44 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/8/2009 1:25:40 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/8/2009 1:25:39 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/8/2009 1:25:37 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
8/8/2009 1:24:48 PM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/8/2009 1:24:32 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/8/2009 1:24:29 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/8/2009 1:24:22 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/8/2009 1:24:22 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/8/2009 1:24:22 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/8/2009 1:24:22 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/8/2009 1:24:22 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/8/2009 1:24:22 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/8/2009 1:24:21 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/8/2009 1:24:21 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/8/2009 1:24:21 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/8/2009 1:24:21 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/8/2009 1:24:21 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/8/2009 1:24:21 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/8/2009 1:24:14 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/8/2009 1:24:12 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/8/2009 1:24:00 PM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/8/2009 1:23:52 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 1:23:39 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/8/2009 1:22:45 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/8/2009 1:22:43 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/8/2009 1:22:43 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/8/2009 1:22:37 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 1:22:29 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 1:22:22 PM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/8/2009 4:30:36 PM Task completed
8/8/2009 4:27:37 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/8/2009 4:27:34 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/8/2009 4:27:34 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
8/8/2009 4:26:48 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/8/2009 4:26:45 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/8/2009 4:26:00 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
8/8/2009 4:03:19 PM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/8/2009 3:55:26 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\Real\RealPlayer\realplay.exe
8/8/2009 3:52:19 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\Office10\WINWORD.EXE
8/8/2009 3:47:52 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/8/2009 3:47:26 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/8/2009 3:47:05 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/8/2009 3:46:44 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/8/2009 3:46:23 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/8/2009 3:46:00 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/8/2009 3:46:00 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/8/2009 3:45:33 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/8/2009 3:45:33 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/8/2009 3:45:17 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/8/2009 3:45:16 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/8/2009 3:45:09 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/8/2009 3:45:09 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/8/2009 3:44:53 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\HP Rhapsody\rhapsody.exe
8/8/2009 3:40:47 PM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/8/2009 3:39:28 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 3:30:39 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/8/2009 3:18:17 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/8/2009 3:18:14 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/8/2009 3:18:13 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/8/2009 3:17:52 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 3:17:14 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 3:16:40 PM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/8/2009 5:05:03 PM Task completed
8/8/2009 5:04:58 PM Detected: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/8/2009 5:02:58 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/8/2009 5:02:57 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/8/2009 5:02:54 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/8/2009 5:02:53 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/8/2009 5:02:51 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
8/8/2009 5:02:10 PM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/8/2009 5:01:52 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\Real\RealPlayer\realplay.exe
8/8/2009 5:01:49 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\Office10\WINWORD.EXE
8/8/2009 5:01:39 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/8/2009 5:01:38 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/8/2009 5:01:37 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/8/2009 5:01:32 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/8/2009 5:01:31 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\HP Rhapsody\rhapsody.exe
8/8/2009 4:59:47 PM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/8/2009 4:58:37 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 4:50:07 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/8/2009 4:42:10 PM Untreated: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe Postponed
8/8/2009 4:42:10 PM Detected: HEUR:Trojan.Win32.Generic C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/8/2009 4:38:30 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\HP Rhapsody\rhapsody.exe
8/8/2009 4:38:26 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\Real\RealPlayer\realplay.exe
8/8/2009 4:38:16 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\Office10\WINWORD.EXE
8/8/2009 4:38:09 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 4:36:09 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/8/2009 4:35:51 PM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/9/2009 1:55:47 AM Task stopped
8/9/2009 1:55:42 AM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/9/2009 3:17:57 AM Task completed
8/9/2009 3:15:19 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/9/2009 3:15:19 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/9/2009 3:15:18 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
8/9/2009 3:15:18 AM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
8/9/2009 3:14:15 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/9/2009 3:14:09 AM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/9/2009 3:13:10 AM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
8/9/2009 2:46:17 AM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/9/2009 2:38:09 AM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\Real\RealPlayer\realplay.exe
8/9/2009 2:35:42 AM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\Office10\WINWORD.EXE
8/9/2009 2:31:03 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/9/2009 2:30:38 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/9/2009 2:30:13 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/9/2009 2:29:47 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/9/2009 2:29:28 AM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/9/2009 2:29:09 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/9/2009 2:29:09 AM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/9/2009 2:28:44 AM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/9/2009 2:28:44 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/9/2009 2:28:30 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/9/2009 2:28:29 AM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/9/2009 2:28:23 AM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/9/2009 2:28:23 AM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/9/2009 2:27:43 AM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\HP Rhapsody\rhapsody.exe
8/9/2009 2:23:50 AM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/9/2009 2:22:18 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/9/2009 2:22:14 AM Detected: http://www.viruslist.com/en/advisories/34580 C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api
8/9/2009 2:12:12 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/9/2009 1:58:59 AM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\HP Rhapsody\rhapsody.exe
8/9/2009 1:58:58 AM Detected: http://www.viruslist.com/en/advisories/35091 C:\Program Files\quicktime\quicktimeplayer.exe
8/9/2009 1:58:58 AM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\Real\RealPlayer\realplay.exe
8/9/2009 1:58:24 AM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\Office10\WINWORD.EXE
8/9/2009 1:58:02 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/9/2009 1:56:56 AM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/9/2009 1:56:38 AM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/9/2009 1:56:19 AM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/11/2009 3:26:13 PM Task completed
8/11/2009 3:23:35 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/11/2009 3:23:35 PM Detected: http://www.viruslist.com/en/advisories/23655 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/11/2009 3:22:49 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/11/2009 3:22:45 PM Detected: http://www.viruslist.com/en/advisories/36049 C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/11/2009 2:59:20 PM Detected: http://www.viruslist.com/en/advisories/25215 C:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/11/2009 2:50:35 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/11/2009 2:47:25 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/11/2009 2:43:07 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_07\bin\java.exe
8/11/2009 2:42:43 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_05\bin\java.exe
8/11/2009 2:42:25 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_03\bin\java.exe
8/11/2009 2:42:03 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_02\bin\java.exe
8/11/2009 2:41:40 PM Detected: http://www.viruslist.com/en/advisories/34451 C:\Program Files\Java\jre1.6.0_01\bin\java.exe
8/11/2009 2:41:18 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_11\bin\java.exe
8/11/2009 2:41:18 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_11\bin\javaws.exe
8/11/2009 2:40:50 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_10\bin\javaws.exe
8/11/2009 2:40:50 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_10\bin\java.exe
8/11/2009 2:40:33 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_09\bin\javaws.exe
8/11/2009 2:40:32 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_09\bin\java.exe
8/11/2009 2:40:25 PM Detected: http://www.viruslist.com/en/advisories/32991 C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe
8/11/2009 2:40:25 PM Detected: http://www.viruslist.com/en/advisories/36159 C:\Program Files\Java\jre1.5.0_06\bin\java.exe
8/11/2009 2:40:08 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/11/2009 2:36:38 PM Detected: http://www.viruslist.com/en/advisories/31744 C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/11/2009 2:35:21 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/11/2009 2:35:19 PM Detected: http://www.viruslist.com/en/advisories/34580 C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api
8/11/2009 2:25:42 PM Detected: http://www.viruslist.com/en/advisories/35948 C:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/11/2009 2:11:42 PM Detected: http://www.viruslist.com/en/advisories/19358 C:\Program Files\hp rhapsody\rhapsody.exe
8/11/2009 2:11:42 PM Detected: http://www.viruslist.com/en/advisories/35091 C:\Program Files\quicktime\quicktimeplayer.exe
8/11/2009 2:11:35 PM Detected: http://www.viruslist.com/en/advisories/27620 C:\Program Files\real\realplayer\realplay.exe
8/11/2009 2:11:11 PM Detected: http://www.viruslist.com/en/advisories/35377 C:\Program Files\office10\winword.exe
8/11/2009 2:10:50 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/11/2009 2:09:59 PM Detected: http://www.viruslist.com/en/advisories/24747 C:\Program Files\AIM\aim.exe
8/11/2009 2:09:40 PM Task started
Full Scan: completed 8/13/2009 1:44:52 PM (events: 36, objects: 441605, time: 01:23:13)
8/13/2009 12:21:39 PM Task started
8/13/2009 12:22:38 PM Detected: http://www.viruslist.com/en/advisories/24747 c:\program files\aim\aim.exe
8/13/2009 12:22:58 PM Detected: http://www.viruslist.com/en/advisories/35377 c:\program files\office10\winword.exe
8/13/2009 12:23:14 PM Detected: http://www.viruslist.com/en/advisories/27620 c:\program files\real\realplayer\realplay.exe
8/13/2009 12:23:23 PM Detected: http://www.viruslist.com/en/advisories/35091 c:\program files\quicktime\quicktimeplayer.exe
8/13/2009 12:23:24 PM Detected: http://www.viruslist.com/en/advisories/19358 c:\program files\hp rhapsody\rhapsody.exe
8/13/2009 12:28:17 PM Detected: HEUR:Trojan.Win32.Generic c:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/13/2009 12:28:17 PM Untreated: HEUR:Trojan.Win32.Generic c:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe Postponed
8/13/2009 12:40:39 PM Detected: http://www.viruslist.com/en/advisories/35948 c:\Documents and Settings\Rafae Khan\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
8/13/2009 12:52:54 PM Detected: http://www.viruslist.com/en/advisories/34580 c:\program files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.api
8/13/2009 12:52:59 PM Detected: http://www.viruslist.com/en/advisories/24747 c:\program files\aim\aim.exe
8/13/2009 12:54:54 PM Detected: http://www.viruslist.com/en/advisories/31744 c:\program files\Common Files\Microsoft Shared\Office10\MSO.DLL
8/13/2009 12:58:36 PM Detected: http://www.viruslist.com/en/advisories/19358 c:\program files\hp rhapsody\rhapsody.exe
8/13/2009 12:58:51 PM Detected: http://www.viruslist.com/en/advisories/36159 c:\program files\Java\jre1.5.0_06\bin\java.exe
8/13/2009 12:58:52 PM Detected: http://www.viruslist.com/en/advisories/32991 c:\program files\Java\jre1.5.0_06\bin\javaws.exe
8/13/2009 12:58:59 PM Detected: http://www.viruslist.com/en/advisories/36159 c:\program files\Java\jre1.5.0_09\bin\java.exe
8/13/2009 12:58:59 PM Detected: http://www.viruslist.com/en/advisories/32991 c:\program files\Java\jre1.5.0_09\bin\javaws.exe
8/13/2009 12:59:19 PM Detected: http://www.viruslist.com/en/advisories/36159 c:\program files\Java\jre1.5.0_10\bin\java.exe
8/13/2009 12:59:20 PM Detected: http://www.viruslist.com/en/advisories/32991 c:\program files\Java\jre1.5.0_10\bin\javaws.exe
8/13/2009 12:59:51 PM Detected: http://www.viruslist.com/en/advisories/36159 c:\program files\Java\jre1.5.0_11\bin\java.exe
8/13/2009 12:59:51 PM Detected: http://www.viruslist.com/en/advisories/32991 c:\program files\Java\jre1.5.0_11\bin\javaws.exe
8/13/2009 1:00:12 PM Detected: http://www.viruslist.com/en/advisories/34451 c:\program files\Java\jre1.6.0_01\bin\java.exe
8/13/2009 1:00:37 PM Detected: http://www.viruslist.com/en/advisories/34451 c:\program files\Java\jre1.6.0_02\bin\java.exe
8/13/2009 1:01:00 PM Detected: http://www.viruslist.com/en/advisories/34451 c:\program files\Java\jre1.6.0_03\bin\java.exe
8/13/2009 1:01:23 PM Detected: http://www.viruslist.com/en/advisories/34451 c:\program files\Java\jre1.6.0_05\bin\java.exe
8/13/2009 1:01:42 PM Detected: http://www.viruslist.com/en/advisories/34451 c:\program files\Java\jre1.6.0_07\bin\java.exe
8/13/2009 1:05:59 PM Detected: http://www.viruslist.com/en/advisories/35377 c:\program files\office10\winword.exe
8/13/2009 1:08:46 PM Detected: http://www.viruslist.com/en/advisories/27620 c:\program files\real\realplayer\realplay.exe
8/13/2009 1:17:39 PM Detected: http://www.viruslist.com/en/advisories/25215 c:\SWSETUP\InetSec06\US\NAV\External\NORTON\APP\NAVComUI.dll
8/13/2009 1:41:23 PM Detected: http://www.viruslist.com/en/advisories/36049 c:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
8/13/2009 1:41:27 PM Detected: http://www.viruslist.com/en/advisories/35948 c:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
8/13/2009 1:42:08 PM Detected: http://www.viruslist.com/en/advisories/23655 c:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\msxml4.dll
8/13/2009 1:42:08 PM Detected: http://www.viruslist.com/en/advisories/23655 c:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
8/13/2009 1:44:52 PM Detected: HEUR:Trojan.Win32.Generic c:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe
8/13/2009 1:44:52 PM Untreated: HEUR:Trojan.Win32.Generic c:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP768\A0068759.exe Written to report
8/13/2009 1:44:52 PM Task completed

Attached Files



BC AdBot (Login to Remove)

 


#2 giantsfan97

giantsfan97
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 20 August 2009 - 09:52 PM

I am seeking help elsewhere for my problem, you may close this thread. Thank you.

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,109 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:59 AM

Posted 21 August 2009 - 11:20 PM

Thank you for letting us know. This topic is now closed.

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users