computer infectd here are the logs requested

[alyoob]

Malwarebyte attatched and hijack log posted


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:42:50 PM, on 3/20/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\locator.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IMSI\CD Copier Gamers' Edition\VCDPlayer.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\AOL\1253924411\EE\aolsoftware.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\SUPERAntiSpyware\8728c95b-991f-4c25-b985-fa398e546582.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FCTBPos00Pos - {FC78E410-0EFA-4BEC-B283-D1DB1922F420} - C:\Program Files\CoolChaser Layout Auto Insert\Toolbar.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: CoolChaser Layout Auto Insert - {B0208007-27C1-4BCD-93EF-EFF5DB61FC22} - C:\Program Files\CoolChaser Layout Auto Insert\Toolbar.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.yahoo.com/?fr=fp-yie8
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1253910568593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1254598484125
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Advanced Micro Devices - (no file)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Advanced Micro Devices - (no file)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 9100 bytes

 

[FunnelWeb]

looking at your log these files sorting out

C:\Program Files\IMSI\CD Copier Gamers' Edition\VCDPlayer.exe

This is a unknown process.

O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll

Nasty (2.49 / 5.00)

O2 - BHO: FCTBPos00Pos - {FC78E410-0EFA-4BEC-B283-D1DB1922F420} - C:\Program Files\CoolChaser Layout Auto Insert\Toolbar.dll

Neutral (3.22 / 5.00)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Nasty (2.86 / 5.00)

O3 - Toolbar: CoolChaser Layout Auto Insert - {B0208007-27C1-4BCD-93EF-EFF5DB61FC22} - C:\Program Files\CoolChaser Layout Auto Insert\Toolbar.dll

Neutral (3.22 / 5.00)

O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll

Nasty (2.49 / 5.00)

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

Unknown application.
Unnecessary (deactivated) entry that can be fixed.

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

Must be fixed! This entry was classified from our visitors as good

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUt il.exe -p

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Advanced Micro Devices - (no file)

O23 - Service: Avira AntiVir Guard (AntiVirService) - Advanced Micro Devices - (no file)

you could wait for johnb35' advice on what to clear to make sure

and as for your mbam log there is 7 infections in there that need cleaning

Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Rogue.Ascentive) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{661e32fd-a5f0-49bc-96cc-d872fe10a7dc} (AdWare.WebHancer) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3296405e-e08f-4442-801e-3dcd2c6aa82c} (AdWare.WebHancer) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bf0118d4-63ff-4138-9327-f3028fb1a578} (AdWare.WebHancer) -> No action taken.

Files Infected:
C:\System Volume Information\_restore{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP460\A0092971.dll (AdWare.WebHancer) -> No action taken.
C:\WINDOWS\system32\SysRestore.dll (Rogue.Ascentive) -> No action taken.
C:\WINDOWS\Web\Wallpaper\welcome\AWhelper.dll (AdWare.WebHancer) -> No action taken.

now these need cleaning so if i was you i would clean these as soon as possible

 

[alyoob]

here are the updated log files attached

 

[FunnelWeb]

these need sorting

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com

Nasty (2.27 / 5.00)

O2 - BHO: FCTBPos00Pos - {FC78E410-0EFA-4BEC-B283-D1DB1922F420} - C:\Program Files\CoolChaser Layout Auto Insert\Toolbar.dll

Neutral (3.22 / 5.00)

O3 - Toolbar: CoolChaser Layout Auto Insert - {B0208007-27C1-4BCD-93EF-EFF5DB61FC22} - C:\Program Files\CoolChaser Layout Auto Insert\Toolbar.dll

Neutral (3.22 / 5.00)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Advanced Micro Devices - (no file)

Unknown service. ()

O23 - Service: Avira AntiVir Guard (AntiVirService) - Advanced Micro Devices - (no file)

Unknown service. ()

your mbam log looks o.k

i know johnb35 is the master of sorting out logs etc, and gives you sound advice on cleaning any malware or whatever from your system, and you can wait for his response if you so wish to, but i would fix the above files, and then boot into safe mode, and do a scan of your computer ( full scan ) with malwarebytes, and then post a log of that and a hijack this log once again to see if its clear. but like i said, you can await johnb35's advice first if you wish to.

 

[alyoob]

FunnelWeb I did what you asked in my hijack log deleted the entries but some of those entries do not want to get deleted here is a new fresh hijack log and by the way my computer is acting a bit strange when scanning with mbam. I scanned my computer 2 scans ago with mbam and it took a full scan to finish in around 30 minutes now it is taking over 50 minutes to scan my computer. What happened?

 

[FunnelWeb]

your hijack this log looks clean and its got rid of the nasties by the look of it

there is only two entries which have question marks against them in your hijack this log

and they are

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Advanced Micro Devices - (no file)



O23 - Service: Avira AntiVir Guard (AntiVirService) - Advanced Micro Devices - (no file)

which both have an unknown service beside them

and your mbam log looks clean

but you said that your computer is taking longer to do a full scan?? well it all depends on the number of files you have on your computer which makes a big differance, as a quick scan does not cover all the files of your computer, so maybe its down to that. but how is your computer behaving after getting rid of the nasties in question?? and is it working as you think it should be??

 

[alyoob]

It is fine but it seems to me I got another advice from another forum stating that i am really infected because they asked me to use combofix if you are familiar with that program and it found really bad infections in my system files they were surprised that my system is even booting up. If you want that log file of combofix I can post it and you can check it out. I do not really think what combofix has found are really infections because false positives can occur by what combofix really found my computer should not be working. I will post it

 

[johnb35]

It is fine but it seems to me I got another advice from another forum stating that i am really infected because they asked me to use combofix if you are familiar with that program and it found really bad infections in my system files they were surprised that my system is even booting up. If you want that log file of combofix I can post it and you can check it out. I do not really think what combofix has found are really infections because false positives can occur by what combofix really found my computer should not be working. I will post it

Yes please post a fresh combofix log. I see some issues in your hijackthis log but nothing major.

your hijack this log looks clean and its got rid of the nasties by the look of it

there is only two entries which have question marks against them in your hijack this log

and they are



which both have an unknown service beside them

Funnelweb,

It looks like I need to teach you how to interpret hijackthis logs, cause you can't just fix a 023 entry by checking it, you actually have to go in and delete the service before you can delete the entry.

If you don't know what you are doing as I see you are just copying and pasting from a website then don't post at all as some of the things those websites tell you are nasty sometimes aren't. And you will be responsible for their computer if you tell them to do something they shouldn't.

 

[FunnelWeb]

If you don't know what you are doing as I see you are just copying and pasting from a website then don't post at all as some of the things those websites tell you are nasty sometimes aren't. And you will be responsible for their computer if you tell them to do something they shouldn't.

well johnb35 i obviously am not computer savvy as you are, but also you keep telling people to use combofix, which also can screw peoples computers up?? so i am trying to help as you are, and ask the person if his computer is screwed up ?? he said its o.k and also checking a hijack this log and giving him advice what its telling is not going to screw his computer up!!! and as for advice off a differant forum, where is that forum to?? its from the hijack this check site?? and i personally do not think there going to screw any ones computer up as you said!! and am only trying to help thats all!!! but obviously you think differant than others!!! did you come from bleeping computer by the way??

i think the best thing to do is to just let you or the mods reply to people's problems with any virus/malware related issues, because then that way people such as myself who are only trying to help, cannot be accused of trying to ruin someones computer as you tried to put it!! to which that is something i would never do in the first place?? i really did not like that comment which i found a bit sarcastic!!!

and also johnb35, i respect you for what you do, and am not being rude to you in any way, but you said all i do is to copy and paste any advice from a website?? isn't learning about these things what people want?? and i do not know if your a computer geek or whatever, but obviously your computer savvy, but have you yourself got information from reading about things off of differant forums?? have you learned anything by reading off differant places?? of course you have!! o.k you may be more smarter than me at giving advice, but everyone has got to learn!!!

so i will steer clear of any malware or virus related problem that people have and let you do your supposed fixing, and hopefully you won't ruin anyones computer with your advice.

 

[alyoob]

FunnelWeb, Johnb35 if two are interested in what the other forum told me about my problem you can check my post at

http://www.computerhope.com/forum/index.php/topic,102038.0.html

 

[FunnelWeb]

alyoob,

i am glad that you got it sorted and working o.k and its well explained!!!!

 

[johnb35]

If you have virut infection then your system is a lost cause and will need to be reformattted. It's a very nasty infection and have dealt with it myself on a couple laptops a few months ago. Please scan whatever files you back up to make sure they are clean or you will infect the new install as well and will have to start from scratch again.

 

[alyoob]

If you have virut infection then your system is a lost cause and will need to be reformattted. It's a very nasty infection and have dealt with it myself on a couple laptops a few months ago. Please scan whatever files you back up to make sure they are clean or you will infect the new install as well and will have to start from scratch again.

How can i trust combo fix in what it found even though i should scan my computer with other programs to make sure of what it cobofix finds is correct. Can you recommend a program for me to scan with that is free i used microsoft security essential and it did not find anything super antispyware scanned with mbam as you know and combofix is the only one picking out that those files are infected. I have to make sure of what combo fix states is true. As the other forum states if i really got infected with virut dont you think my computer would not be booting up come on every program is bound to make mistakes stating false positive and you cannot go on and say that this program alone can state the truth. I need to make sure by scanning with other programs and if they say i am infected then i will reformat my system and my computer is running normal. In the past combofix has screwed my computer up and do not trust the result period. Until i scan with another trusted program.

 

[johnb35]

A computer will bootup just fine with the virut infection, trust me, i've dealt with it before. Download avg free edition and scan with it. Have you done a kaspersky online scan?

http://www.kaspersky.com/kos/eng/partner/default/pages/default/check.html?n=1261403967312

Also, AVG has a virut removing program, you can try downloading and running it and see what it finds.

http://www.avg.com/us-en/67762

I'm not saying it will clean it because most likely it won't totally remove it but it will detect if you have it.

 

[alyoob]

If avg does not find anything and kaspersy doe not then what can we conclude is win 32 / virut the only form that a virut can be.

 

[johnb35]

As long as you run the virut removal tool along with avg and the online scan and it doesn't find anything then I can safely say that combofix may be wrong in this case.

 

[alyoob]

Well I scanned with the tools you asked me to scan with and the two avg programs did not find anything when i scanned with kaspsery online scanner it found infection I am preety sure those are false positive because other scanners have flagged them as infected in the past even when i had a clean reformat those files are useless even if i delete them nothing will happen to my system. Here is the log.


KASPERSKY ONLINE SCANNER 7.0: scan report
Saturday, March 27, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Saturday, March 27, 2010 06:06:02
Records in database: 3880125
Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes
Scan area My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics
Objects scanned 47748
Threats found 3
Infected objects found 4
Suspicious objects found 0
Scan duration 02:09:53

File name Threat Threats count
C:\Program Files\AOL Toolbar\AOLToolbarSetup.exe Infected: not-a-virus:AdWare.Win32.SearchIt.t 1
C:\Program Files\Common Files\aolback\Comps\toolbar\toolbr.exe Infected: not-a-virus:AdWare.Win32.SearchIt.t 1
C:\Program Files\Internet Explorer\Connection Wizard\icwrmind.exe Infected: Trojan.Win32.Genome.grdx 1
C:\Program Files\Internet Explorer\Connection Wizard\inetwiz.exe Infected: Trojan.Win32.Genome.hbhk 1