Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Smitfraud-c.coreservice & Virtumonde


  • This topic is locked This topic is locked
3 replies to this topic

#1 raft2112

raft2112

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:19 AM

Posted 28 April 2008 - 05:45 PM

Spybot indicates an infection with Smitfraud-C.CoreService & Virtumonde that I'm unable to remove. Symptoms include slow boot, aggressive popups, non-responsive IE and firefox. Started at 1842 on 4-14-08 and I need help removing infection.

Thanks

James

main.txt
Deckard's System Scanner v20071014.68
Run by Owner on 2008-04-27 19:51:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 2.77 GiB (less than 15%) free.


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:51:29 PM, on 4/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\$sys$filesystem\$sys$DRMServer.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINNT\CDProxyServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINNT\wanmpsvc.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINNT\SM1BG.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\system32\WDBtnMgr.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM6\aim6.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\HPZipm12.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\rundll32.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\DOCUME~1\Owner\Desktop\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0D2C7170-9C49-4B37-82B8-EEA2875FB2ED} - (no file)
O2 - BHO: (no name) - {1CE1734D-5843-4D80-B5B2-EF4FBA7E9688} - C:\WINNT\system32\tuvutstq.dll
O2 - BHO: (no name) - {1D1EF5AC-C097-4106-983F-AFA477186785} - C:\WINNT\addins\rulca.dll (file missing)
O2 - BHO: {a4b86b17-3d6b-349b-6444-932f7cddc9c3} - {3c9cddc7-f239-4446-b943-b6d371b68b4a} - C:\WINNT\system32\bxlceisr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5F682197-4D21-4A96-997B-AED1AB50A139} - C:\WINNT\system32\pmkhh.dll (file missing)
O2 - BHO: (no name) - {72F6E589-EFE8-471D-B33B-316FEDCC28FD} - (no file)
O2 - BHO: (no name) - {99F8BB77-555A-4E86-893D-9199BE1F724C} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {B2F67B3B-5027-4CC2-BEE9-7B9852204F20} - (no file)
O2 - BHO: (no name) - {E2F69C1B-6EDC-46D9-8A60-030C35805D16} - (no file)
O2 - BHO: (no name) - {EC706D1B-85DD-4D3C-A290-7CBB76BCDC7E} - (no file)
O2 - BHO: (no name) - {FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2} - C:\WINNT\system32\yaywvtsr.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Gateway Extended Warranty] "C:\Program Files\Gateway\GWCares\GWCares.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINNT\SM1BG.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BM2b234882] Rundll32.exe "C:\WINNT\system32\cfginxrq.dll",s
O4 - HKLM\..\Run: [28107b1e] rundll32.exe "C:\WINNT\system32\gssgqnqv.dll",b
O4 - HKLM\..\RunOnce: [SpybotDeletingA8152] command /c del "C:\WINNT\system32\drivers\core.cache.dsk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3514] cmd /c del "C:\WINNT\system32\drivers\core.cache.dsk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4262] command /c del "C:\WINNT\system32\lexcemfg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5238] cmd /c del "C:\WINNT\system32\lexcemfg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7008] command /c del "C:\WINNT\system32\vnugmtxg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7254] cmd /c del "C:\WINNT\system32\vnugmtxg.dll_old"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB1789] command /c del "C:\WINNT\system32\drivers\core.cache.dsk"
O4 - Startup: DW_Start.lnk.disabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: LogViewer.lnk.disabled
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Search - ?p=ZC
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Yapta - {0094A600-9BDD-4019-BAFE-487284F7D476} - C:\Program Files\Yapta\YaptaSidebar.dll
O9 - Extra 'Tools' menuitem: Yapta... - {0094A600-9BDD-4019-BAFE-487284F7D476} - C:\Program Files\Yapta\YaptaSidebar.dll
O9 - Extra button: Yapta Settings - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe
O9 - Extra 'Tools' menuitem: Yapta Settings... - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINNT\Downloaded Program Files\SbCIe028.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINNT\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.adxgate.net (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.snipenet.net (HKLM)
O15 - Trusted Zone: *.sxload.net (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/platypus/miniclipGameLoader.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testgen/i...GenXInstall.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/ReflexiveWebGameLoader.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://download.sidestep.com/get/k00719/sb028.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://picture.vzw.com/activex/VerizonWire...loadControl.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D1ACD2D8-7312-4D06-BECD-90EB094D2277} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O20 - Winlogon Notify: AutorunsDisabled - C:\WINNT\
O20 - Winlogon Notify: pmkhh - C:\WINNT\system32\pmkhh.dll (file missing)
O20 - Winlogon Notify: rqrqomj - rqrqomj.dll (file missing)
O20 - Winlogon Notify: rulca - C:\WINNT\addins\rulca.dll (file missing)
O20 - Winlogon Notify: yaywvtsr - C:\WINNT\SYSTEM32\yaywvtsr.dll
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - First 4 Internet Ltd - C:\WINNT\system32\$sys$filesystem\$sys$DRMServer.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINNT\CDProxyServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe
O23 - Service: WMP54GSSVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe

--
End of file - 17549 bytes

-- Files created between 2008-03-27 and 2008-04-27 -----------------------------

2008-04-27 19:50:24 107072 --a------ C:\WINNT\system32\bxlceisr.dll
2008-04-27 19:47:52 94784 --a------ C:\WINNT\system32\gssgqnqv.dll
2008-04-27 19:47:45 105024 --a------ C:\WINNT\system32\cfginxrq.dll
2008-04-27 16:45:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-27 16:45:48 0 d-------- C:\WINNT\system32\Kaspersky Lab
2008-04-27 16:45:46 0 d-------- C:\WINNT\LastGood
2008-04-21 18:12:52 6602 --ahs---- C:\WINNT\system32\xaayayxx.ini2
2008-04-20 16:30:53 404499 --ahs---- C:\WINNT\system32\hhiihjjl.ini2
2008-04-14 19:46:51 266812 --ahs---- C:\WINNT\system32\ilknnnmp.ini2
2008-04-14 19:46:44 393673 --a------ C:\WINNT\system32\pmnnnkli.dll
2008-04-14 18:48:08 34099 --a------ C:\WINNT\system32\byxxyvtq.dll
2008-04-14 18:47:26 517890 --ahs---- C:\WINNT\system32\qtstuvut.ini2
2008-04-14 18:47:20 393673 --a------ C:\WINNT\system32\tuvutstq.dll
2008-04-14 18:42:23 86144 --a------ C:\WINNT\system32\drivers\imagesrvv.sys
2008-04-14 18:42:21 0 d-------- C:\WINNT\system32\vFi
2008-04-14 18:42:21 0 d-------- C:\WINNT\system32\pinz1
2008-04-14 18:42:21 0 d-------- C:\WINNT\system32\IDE2
2008-04-14 18:42:20 0 d-------- C:\WINNT\system32\ExTmp
2008-04-14 18:42:14 34099 --a------ C:\WINNT\system32\yaywvtsr.dll
2008-04-14 18:42:14 0 d-------- C:\WINNT\system32\bharebio01
2008-04-10 18:17:30 328192 --a------ C:\WINNT\system32\{63a5cd49-c091-c43d-51f4-4d39d3944961}.dll


-- Find3M Report ---------------------------------------------------------------

2008-04-27 14:07:09 11852 --a------ C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-04-26 17:02:41 4064 --a------ C:\WINNT\system32\tmp.reg
2008-04-25 19:48:35 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-15 16:47:24 0 d-a------ C:\Program Files\Common Files
2008-04-13 23:11:38 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-04-06 22:06:24 0 d-------- C:\Documents and Settings\Owner\Application Data\U3
2008-03-26 22:09:24 0 d-------- C:\Program Files\Yapta
2008-03-19 18:37:02 249856 --a------ C:\WINNT\system32\pdfmona.dll <Not Verified; TODO: <Company name>; TODO: <Product name>>
2008-03-19 18:37:02 51716 --a------ C:\WINNT\system32\pdf995mon.dll
2008-03-19 18:37:00 0 d-------- C:\Program Files\PDF995
2008-03-19 18:36:42 0 d-------- C:\Program Files\TaxCut06
2008-03-19 18:36:31 0 d-------- C:\Documents and Settings\Owner\Application Data\TaxCut
2008-03-19 18:36:26 0 d-------- C:\Program Files\TaxCut07
2008-02-19 18:40:16 3443 --a------ C:\WINNT\unins000.dat
2008-02-19 18:39:28 691545 --a------ C:\WINNT\unins000.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D2C7170-9C49-4B37-82B8-EEA2875FB2ED}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1CE1734D-5843-4D80-B5B2-EF4FBA7E9688}]
04/14/2008 06:47 PM 393673 --a------ C:\WINNT\system32\tuvutstq.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D1EF5AC-C097-4106-983F-AFA477186785}]
C:\WINNT\addins\rulca.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3c9cddc7-f239-4446-b943-b6d371b68b4a}]
04/27/2008 07:50 PM 107072 --a------ C:\WINNT\system32\bxlceisr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5F682197-4D21-4A96-997B-AED1AB50A139}]
C:\WINNT\system32\pmkhh.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72F6E589-EFE8-471D-B33B-316FEDCC28FD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99F8BB77-555A-4E86-893D-9199BE1F724C}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B2F67B3B-5027-4CC2-BEE9-7B9852204F20}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E2F69C1B-6EDC-46D9-8A60-030C35805D16}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EC706D1B-85DD-4D3C-A290-7CBB76BCDC7E}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}]
04/14/2008 06:42 PM 34099 --a------ C:\WINNT\system32\yaywvtsr.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gateway Extended Warranty"="C:\Program Files\Gateway\GWCares\GWCares.exe" [02/08/2004 05:30 PM]
"NeroFilterCheck"="C:\WINNT\system32\NeroCheck.exe" [07/09/2001 12:50 PM]
"IgfxTray"="C:\WINNT\System32\igfxtray.exe" [11/18/2003 01:24 AM]
"HotKeysCmds"="C:\WINNT\System32\hkcmd.exe" [11/18/2003 01:11 AM]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [06/07/2003 07:32 AM]
"SM1BG"="C:\WINNT\SM1BG.EXE" [08/27/2003 03:20 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [03/20/2006 05:34 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [03/20/2006 05:34 PM]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [09/13/2004 12:51 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/16/2005 11:11 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/22/2007 10:19 PM]
"WD Button Manager"="WDBtnMgr.exe" [02/10/2007 05:16 PM C:\WINNT\system32\WDBtnMgr.exe]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [09/14/2006 07:55 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [03/12/2007 06:30 PM]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [03/20/2006 05:34 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [01/15/2008 04:22 AM]
"BM2b234882"="C:\WINNT\system32\cfginxrq.dll" [04/27/2008 07:47 PM]
"28107b1e"="C:\WINNT\system32\gssgqnqv.dll" [04/27/2008 07:47 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [12/19/2001 04:23 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [01/03/2008 12:15 PM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 12:43 PM]
"ctfmon.exe"="C:\WINNT\system32\ctfmon.exe" [08/04/2004 03:56 AM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingB1789"=command /c del "C:\WINNT\system32\drivers\core.cache.dsk"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingA8152"=command /c del "C:\WINNT\system32\drivers\core.cache.dsk"
"SpybotDeletingC3514"=cmd /c del "C:\WINNT\system32\drivers\core.cache.dsk"
"SpybotDeletingA4262"=command /c del "C:\WINNT\system32\lexcemfg.dll_old"
"SpybotDeletingC5238"=cmd /c del "C:\WINNT\system32\lexcemfg.dll_old"
"SpybotDeletingA7008"=command /c del "C:\WINNT\system32\vnugmtxg.dll_old"
"SpybotDeletingC7254"=cmd /c del "C:\WINNT\system32\vnugmtxg.dll_old"

C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
DW_Start.lnk.disabled [4/16/2008 7:57:34 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 7:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 7:50:52 PM]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [8/11/2004 2:22:40 AM]
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2/13/2004 2:12:08 PM]
LogViewer.lnk.disabled [5/15/2005 12:38:14 PM]
WD Backup Monitor.lnk - C:\Program Files\My Book\WD Backup\uBBMonitor.exe [2/10/2007 5:17:16 PM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}"= C:\WINNT\system32\yaywvtsr.dll [04/14/2008 06:42 PM 34099]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AutorunsDisabled]
C:\WINNT\addins\rulca.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhh]
C:\WINNT\system32\pmkhh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqrqomj]
rqrqomj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rulca]
C:\WINNT\addins\rulca.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yaywvtsr]
yaywvtsr.dll 04/14/2008 06:42 PM 34099 C:\WINNT\system32\yaywvtsr.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\tuvutstq

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINNT\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"<NO NAME>"=
"mmtask"=c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
"MMTray"=C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"xloadnet"="C:\Program Files\xloadnet\xloadnet.exe"
"BM2b234882"=Rundll32.exe "C:\WINNT\system32\vwmixovo.dll",s

*Newly Created Service* - GTNDIS5



-- End of Deckard's System Scanner: finished at 2008-04-27 19:52:08 ------------


Extra.txt
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.00GHz
CPU 1: Intel® Pentium® 4 CPU 3.00GHz
Percentage of Memory in Use: 22%
Physical Memory (total/avail): 2542.73 MiB / 1981.49 MiB
Pagefile Memory (total/avail): 3133.97 MiB / 2626.47 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1931.05 MiB

C: is Fixed (NTFS) - 149.05 GiB total, 2.96 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD1600JD-22HBB0 - 149.05 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 149.05 GiB - C:

\\.\PHYSICALDRIVE1 - Foxconn CF USB2.0 Card USB Device

\\.\PHYSICALDRIVE4 - Foxconn MS USB2.0 Card USB Device

\\.\PHYSICALDRIVE3 - Foxconn SD USB2.0 Card USB Device

\\.\PHYSICALDRIVE2 - Foxconn SM USB2.0 Card USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AntiVirusDisableNotify is set.

FW: Norton Internet Worm Protection v2006 (Symantec)
AV: Norton AntiVirus 2006 v2005 (Symantec Corporation) Outdated

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\AOL\\1124397656\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1124397656\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"="C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE:*:Disabled:Microsoft Office Word"
"C:\\Program Files\\Linksys\\LogViewer\\LogViewer.exe"="C:\\Program Files\\Linksys\\LogViewer\\LogViewer.exe:*:Enabled:LogViewer"
"C:\\Program Files\\AOL Games\\Wheel of Fortune\\Wheel of Fortune.exe"="C:\\Program Files\\AOL Games\\Wheel of Fortune\\Wheel of Fortune.exe:*:Enabled:Wheel of Fortune"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\AOL\\1124397656\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1124397656\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"D:\\Setup\\HPZnet01.exe"="D:\\Setup\\HPZnet01.exe:*:Enabled:Install Consumer Experience Network Plug in"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:HP Digital Imaging Monitor"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:HP CUE-Scanning Flow Component"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:HP AiO Fax Manager"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MOTHER
ComSpec=C:\WINNT\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\MOTHER
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=MOTHER
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINNT
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------


Owner (admin)
Katrina (admin)
Caitlyn (admin)
Daniel (admin)
Mom (admin)
Dad (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINNT\IsUninst.exe -fC:\WINNT\orun32.isu
--> MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINNT\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINNT\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINNT\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.1 --> MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop Elements 5.0 --> msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 6.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
Ahead Nero BurnRights --> C:\WINNT\UNNeroBurnRights.exe /UNINSTALL
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Anapod CopyGear (remove only) --> "C:\Program Files\Red Chair Software\Shared\anagear_uninst.exe"
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Mobile Device Support --> MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft Camera Suite 1.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}\setup.exe" -l0x9
Armies of the Imperium --> MsiExec.exe /I{CCFEB50F-87CB-48A4-890F-21E56F1D7ECE}
Armies of the Imperium Patch v2.6.05 --> MsiExec.exe /X{B90FBC1A-9E7D-4D9F-9BD0-7D1123232196}
Best Western International with MultiView Reader --> "C:\Program Files\MVReader\BWI-0001\unins000.exe"
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91F1A0D6-23AD-49FE-8D4E-379485652214} /l1033
Canon Camera Window DS for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}
Canon Camera Window DVC for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4C96958A-6562-4143-B820-FF4890D3B734}
Canon Camera Window for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{C7281207-4AA4-425E-B57A-0E9EF8445635}
Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}
Canon PhotoRecord --> MsiExec.exe /X{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}
Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{45EF4EE3-F591-4B74-A477-0CAE12934CE7}
Canon RemoteCapture Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}
Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
ccCommon --> MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
CCHelp --> MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Combat Mission Afrika Korps --> "C:\Program Files\Battlefront\Combat Mission Afrika Korps\unins000.exe"
Combat Mission Shock Force Demo (v1.02) --> "C:\Program Files\Battlefront\Combat Mission Shock Force Demo\unins000.exe"
Costco Photo Organizer --> MsiExec.exe /X{BA156277-D012-4509-9F9D-5587357B7207}
Cypress USB Mass Storage Driver Installation --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}\Setup.exe" -l0x9 NotFirstInstall
Dark River Stationery --> MsiExec.exe /I{47CC11F6-124A-11D3-825E-00C04F6843FE}
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DoMore --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5B26C1E-4751-4F03-BC18-634F41F31EC6}\setup.exe" -l0x9
Enemies of the Imperium --> MsiExec.exe /I{B396F38F-AA93-463B-B470-FBBD3F0803EA}
Enemies of the Imperium Patch v2.6.05 --> MsiExec.exe /X{4138863B-A90A-4B66-99DD-13124A7EADBD}
Enhancement Browser Tools Nextads --> C:\WINNT\system32\{63a5cd49-c091-c43d-51f4-4d39d3944961}.dll-uninst.exe
ESSAdpt --> MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
ESSANUP --> MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
ESSCAM --> MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
FLV Player 1.3.3 --> "C:\Program Files\FLVPlayer\uninstall.exe"
Google Talk (remove only) --> "C:\Program Files\Google\Google Talk\uninstall.exe"
Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe"
GWCares --> MsiExec.exe /I{82EF8297-C8B2-4CA8-9430-FF2BC8C40414}
HLPIndex --> MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPRFO --> MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593}
Hole's ESP --> C:\WINNT\iun3405.exe C:\Program Files\Hole's ESP
Hoyle Card Games 2004 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{744F6CCF-9F56-40A0-A33D-2A45D53B6046}
Hoyle Casino 2004 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{224C47F4-CB95-406C-8AD6-81002FEED0CF}
HP Extended Capabilities 4.7 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 4.7 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.7 --> "C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
InCD --> C:\WINNT\NuNInst.exe /UNINSTALL
Intel® Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINNT\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel® PRO Network Adapters and Drivers --> Prounstl.exe
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
Internet Worm Protection --> MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
iPod for Windows 2006-01-10 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
iPod Updater 2004-11-15 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{06E73C0B-7DE7-4F41-860B-587033B75BD9} /l1033
iTunes --> MsiExec.exe /I{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}
Java 2 Runtime Environment, SE v1.4.2 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3f1_5212972e\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Linksys Wireless-G PCI Network Adapter with SpeedBooster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAE4A00B-D290-4B65-8287-B82A80FC0619}\setup.exe" -l0x9
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
LogViewer --> C:\WINNT\IsUninst.exe -f"C:\Program Files\Linksys\LogViewer\Uninst.isu"
Macromedia Shockwave Player --> C:\WINNT\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~2\Install.log
Microsoft Encarta Encyclopedia Standard 2004 --> MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
Microsoft Learning and Research Plus Support Files --> MsiExec.exe /I{00000000-3976-4267-9F39-1DC4745090B7}
Microsoft Money 2004 System Pack --> MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Money 2007 --> "C:\Program Files\Microsoft Money 2007\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Money Shared Libraries --> MsiExec.exe /X{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Express 7.0 --> MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE130}
Microsoft Picture It! Photo Premium 9 --> C:\WINNT\System32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Streets and Trips 2004 --> MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790210}
Microsoft Works --> MsiExec.exe /I{B9966F27-9678-4620-9579-925E3084647E}
Microsoft Works 2004 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe d:\
Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{33BEE6F3-9987-4F98-A069-97A64EC8321A}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Owner\Application Data\Move Networks\ie_bin\Uninst.exe
MSN Internet Software --> C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe
MSN Messenger 5.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314B00527}
MUSICMATCH® Jukebox --> C:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.exe
My Wal-Mart Digital Photo Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}\setup.exe" -l0x9 -removeonly
Napster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9
Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
NAVShortcut --> MsiExec.exe /I{F325CF11-27CE-4872-8022-6E9EB27DF24F}
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NeroVision Express 3 --> C:\WINNT\UNNeroVision.exe /UNINSTALL
Norton AntiVirus 2006 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus 2006 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe" /X
Norton AntiVirus Help --> MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton AntiVirus SYMLT MSI --> MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
Norton Protection Center --> MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
PCDADDIN --> MsiExec.exe /I{65D85050-5610-4A91-A3B1-D5C744291AD4}
PCDHELP --> MsiExec.exe /I{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}
PCDLNCH --> MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
Pdf995 (installed by TaxCut) --> C:\Program Files\pdf995\setup.exe uninstall
PdfEdit995 (installed by TaxCut) --> C:\Program Files\pdf995\res\utilities\thinsetup.exe - uninstall
Photo Story 3 for Windows --> MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Quicken 2004 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8} anything
QuickTime --> MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
QuickTime 3.0 --> C:\WINNT\uninst.exe -f"C:\Program Files\QuickTime\DeIsL1.isu" -c"C:\WINNT\system32\QTUninst.dll
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Ricochet Xtreme --> "C:\Program Files\Ricochet Xtreme\unins000.exe"
Roxio Burn Engine --> MsiExec.exe /X{9860A9CF-7E71-43AC-888F-0B4D3EA212D1}
Scrapbook Factory Deluxe --> MsiExec.exe /X{225DA7CB-C773-4F68-8068-184C4082C2F1}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINNT\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINNT\$NtUninstallKB923723$\spuninst\spuninst.exe"
SFR --> MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
SFR2 --> MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
Shockwave --> C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log
SideStep --> regsvr32 /u /s "C:\WINNT\Downloaded Program Files\SbCIe028.dll"
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINNT\unins000.exe"
SUPER © Version 2006.19 (FIX) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Symantec --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
Symantec KB-DocID:2003093015493306 --> MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
TaxCut Deluxe 2005 --> C:\PROGRA~1\TaxCut05\Program\removetc.exe
TaxCut Premium + State 2007 --> MsiExec.exe /X{663E217E-FC26-4249-9E8E-F190CD63E737}
TaxCut Premium 2006 --> C:\PROGRA~1\TaxCut06\Program\removetc.exe
TaxCut Virginia 2007 --> MsiExec.exe /X{6230F503-51D7-4BA2-9007-34ACDD31D182}
USB Storage Adapter FX (SM1) --> SM1UN.EXE SM1FX_AT
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Wal-Mart Music Downloads Store --> MsiExec.exe /I{B8A432E2-D541-4F48-B9E8-243BEEC3D158}
WD Backup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A351224F-533A-4EED-89F4-0BF3417FD31D}\setup.exe" -l0x9
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WD Firewire HID Driver --> MsiExec.exe /X{FD6C6B7F-5696-48C5-A601-2EE9E50C3D46}
WeatherBug --> C:\PROGRA~1\AWS\WEATHE~1\REMOVE.EXE C:\PROGRA~1\AWS\WEATHE~1\INSTALL.LOG
WildPackets EtherPeek NX 2.1 --> C:\WINNT\IsUninst.exe -f"C:\Program Files\WildPackets\EtherPeek NX\UNINST.ISU"
Yahoo! Install Manager --> C:\WINNT\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
Yapta --> "C:\Program Files\Yapta\uninstall.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type29737 / Success
Event Submitted/Written: 04/26/2008 07:43:52 PM
Event ID/Source: 2570 / Adobe Active File Monitor 5.0
Event Description:
Adobe Active File Monitor Service has Started.

Event Record #/Type29724 / Error
Event Submitted/Written: 04/26/2008 04:40:34 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error

Internet connection not detected.

Event Record #/Type29722 / Error
Event Submitted/Written: 04/26/2008 04:35:34 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error

Internet connection not detected.

Event Record #/Type29720 / Error
Event Submitted/Written: 04/26/2008 04:30:34 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error

Internet connection not detected.

Event Record #/Type29718 / Error
Event Submitted/Written: 04/26/2008 04:25:34 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error

Internet connection not detected.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type83169 / Warning
Event Submitted/Written: 04/26/2008 07:45:48 PM
Event ID/Source: 1005 / Dhcp
Event Description:
Your computer has detected that the IP address 192.168.1.103 for the Network Card
with network address 0012179D932B is already in use on the network.
Your computer will automatically attempt to obtain a different address.

Event Record #/Type83168 / Warning
Event Submitted/Written: 04/26/2008 07:45:47 PM
Event ID/Source: 1005 / Dhcp
Event Description:
Your computer has detected that the IP address 192.168.1.103 for the Network Card
with network address 0012179D932B is already in use on the network.
Your computer will automatically attempt to obtain a different address.

Event Record #/Type83164 / Warning
Event Submitted/Written: 04/26/2008 07:45:18 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0012179D932B. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type83159 / Error
Event Submitted/Written: 04/26/2008 07:42:20 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Event Record #/Type83158 / Error
Event Submitted/Written: 04/26/2008 06:29:00 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}



-- End of Deckard's System Scanner: finished at 2008-04-26 19:56:37 ------------


Kaspersky On line scan
Sunday, April 27, 2008 7:44:11 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 27/04/2008
Kaspersky Anti-Virus database records: 727826
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
G:\
H:\
I:\
J:\
Scan Statistics
Total number of scanned objects 247384
Number of viruses found 49
Number of infected objects 341
Number of suspicious objects 2
Duration of the scan process 02:42:35

Infected Object Name Virus Name Last Action
C:\Deckard\System Scanner\backup\WINNT\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.b skipped
C:\Deckard\System Scanner\backup\WINNT\Downloaded Program Files\SbCIe028.dll Infected: not-a-virus:AdWare.Win32.SideStep.a skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0a03c87ade93bfac4eafa065d929ee82_106b5efa-dff6-4c5f-aeda-12712a913635 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b091b736583c56ca6484c25cd370187e_106b5efa-dff6-4c5f-aeda-12712a913635 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\efd3f0c3823947d9f9b00d6e70dec51e_106b5efa-dff6-4c5f-aeda-12712a913635 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip/Yazzle1281OinUninstaller.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-04-27_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\000B4EE9.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\005D3CAA.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03051C11.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03CA36B7.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04CB53F5.tmp Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04D27E58.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05A55135.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\064C2E7E.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06541A00.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06D80113.cla Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\078A44FC.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\078D6EF8.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\079442F1.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07A16AE3.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07F34E9F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08576C13.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09284F2E.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09927C08.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\099B1319.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\099F27AA.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09B67A87.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A2479E0.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A2479E0.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A2479E0.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A2479E0.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A2479E0.zip CryptFF: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A450142.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0AAF0956.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B307389.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B5F6FD2.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B6F41C0.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0D4447DD.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0D5C0C30.exe Infected: Trojan-Downloader.Win32.VB.wz skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0E9E29A3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0EF55841.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0F181158.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0F5A5910.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0FC54299.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0FFA6260.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\102B582A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\102E0226.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1034561F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10663F0D.tmp Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10941DDC.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10970414.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\109A2E10.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10B7658F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10EF2F52.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10F5034B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10FF0140.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\11057AF8.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\112D4D0E.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1130770A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\11450A7E.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1166046D.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\12445B8C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\126803D1.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13697F32.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\136A1E49.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13FB74C3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\140E70AD.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1452434A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14B04798.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14D75EB0.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\153E4CC8.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\15D5629F.exe Infected: Email-Worm.Win32.Warezov.oa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\15E1235C.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\160A573D.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\162B6D3A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\17163C37.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\17681ADE.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\179E16B2.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\18105324.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\18A90A35.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\193C6517.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\194C3D81.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19CC5500.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1A1F6E50.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1A37038D.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1A3A2D8A.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1A3E5786.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1A410182.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1A64123A.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1ABE0738.exe Infected: Email-Worm.Win32.Warezov.oa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1AFA6B5F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1BA07EBB.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1C9D4EE6.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1D680680.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1D752E71.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1D9810A4.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1E1D508E.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1E616428.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1E8F1105.exe Infected: Email-Worm.Win32.Warezov.oa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1FB85513.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1FC60571.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\20487758.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\204E5068.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2070329C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\21B76433.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\21D8080F.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\21E650A7.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\21F32EAB.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\21F92BEB.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D45F0B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22EE3029.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\23AD3062.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\24563F89.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\246A7F0F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\25CB7F77.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2613513B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\26774051.exe Infected: Email-Worm.Win32.Warezov.oa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\26CE6CA3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\26FC192E.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27E6375A.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27E931C2.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\28B61DD9.exe Infected: Email-Worm.Win32.Warezov.oa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29AB6C9B.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29AB6C9B.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29AB6C9B.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29AB6C9B.zip ZIP: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29AB6C9B.zip CryptFF: infected - 3 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2A18397E.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2AF3675F.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2B4D68FF.exe Infected: Email-Worm.Win32.Warezov.oa skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2C0E24F1.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2C2638F1.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2CF023FE.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2CF44DFB.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D0371E3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DD27848.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2ED02AAE.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EEC7ACE.sys Infected: Trojan.Win32.Agent.ny skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30133027.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30210F3B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\309E37BC.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\313972E4.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\314E1436.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3161371C.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31725E85.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31882EF1.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31FA1397.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32DD48B6.dll Infected: not-a-virus:AdWare.Win32.Searchcolor.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\341B7879.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3484719F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34F77C6D.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.iu skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\359A2FB9.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.iu skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38497CBF.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\388B6253.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38F5164B.def Infected: not-a-virus:Downloader.Win32.WinFixer.ar skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\39623447.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3B5B6BA7.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3BAD3C46.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3C8B1BDB.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3CAA73AA.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3CE73376.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3D385232.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3DA607C8.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3DAE349B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3FB71441.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3FC43C33.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3FE5600F.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\404B1780.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40626976.def Infected: not-a-virus:AdWare.Win32.180Solutions.as skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40723F16.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\407940ED.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.il skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40AA11A1.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40C567AA.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\420266C8.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\426D5052.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\436D55B5.exe Infected: Trojan-Downloader.Win32.VB.cst skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\465D2036.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\467220B4.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\46A94C1E.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\46C546A7.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\47B53682.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48236C42.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48721584.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\487663AE.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\49216F61.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.iu skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BAD6545.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BE33182.cla Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BE65B7F.cla Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BE9057B.cla Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BED2F77.cla Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4C95545D.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4CA05F12.cla Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4CEE5934.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.il skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4E3556C5.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4E3D5247.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4E596E38.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4E5B4C26.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4E9C13DF.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4EBB1032.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\50693E0F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\50B72DB9.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\53594934.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\54BB7BD2.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\54F55E2E.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\554110E5.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5617658A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\562F1D0C.tmp Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\56B57D10.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\56E47FAB.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\56E729A8.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\56EE7DA0.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\56F77B96.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57C529E3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57FB63A9.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5850274B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\58523748.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\585B0B7B.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\591B7314.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\59542C2C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\59801F20.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\599D7C5E.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\59C31FF2.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\59DF60B8.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\59E31350.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5A9C4D6C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5B434130.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C4D7048.tmp Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C501A44.tmp Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C81449F.tmp Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5D3D2952.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5E1D2CBE.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5E3028A9.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5E727061.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5EDD5CB6.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5F9D6FB6.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5FA952A7.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\603A3AB0.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\604A0C9E.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61A41DA6.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\62592015.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\62664807.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\62952A4E.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\62A70FBF.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\654B000E.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\656604C6.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65847EA5.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65A941E2.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65C44E16.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\67330939.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\67743E27.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\688A7F5F.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\68D9378F.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\69153038.exe Infected: not-a-virus:Downloader.Win32.WinFixer.ar skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\69CD203E.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A540565.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A754883.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6AD40A1B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6B0F7DDB.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6B1C25CC.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6B2279C5.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6B382003.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6BC119E7.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6BCD68FE.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6BD7682E.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6BDB534F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6C2C731E.DLL Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6C89043A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6DB975E7.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6F1D5207.exe Infected: Trojan-Downloader.Win32.VB.wz skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\703342D5.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\71DE4734.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\727802B1.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\73621F79.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\73737167.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7387723B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\739A5648.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\73BB276D.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\73D94D33.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\74216B58.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\74897C8B.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\75382C0F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\753A231B.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\75841D76.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\75DA4BAD.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\75FF3EEE.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\76505894.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\76564AEB.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\76CA6EFA.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\76DC2780.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\77C169F1.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\77E204DA.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\77EA1EB8.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\79542634.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\79B252B7.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\79B367CC.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7A665CB2.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7ABC420C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7AF36A17.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7B79453C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7BF75C02.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7C1E3E98.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7C7025DD.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7CA358C3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F6B5863.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FDA5192.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\Caitlyn\Local Settings\Temporary Internet Files\Content.IE5\OCD4T2FK\CursorManiaSetup2.2.60.9[1].exe/mwsSetup.CommonCodebase.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.av skipped
C:\Documents and Settings\Caitlyn\Local Settings\Temporary Internet Files\Content.IE5\OCD4T2FK\CursorManiaSetup2.2.60.9[1].exe CAB: infected - 1 skipped
C:\Documents and Settings\Katrina\Local Settings\Temporary Internet Files\Content.IE5\92O67X94\counter21[1].htm Infected: Trojan-Downloader.VBS.Agent.p skipped
C:\Documents and Settings\Katrina\Local Settings\Temporary Internet Files\Content.IE5\BLSSWZZZ\index[6].htm Infected: Exploit.HTML.IESlice.i skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Mom\Desktop\Smitf\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Mom\Desktop\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Mom\Desktop\SmitfraudFix.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\962V8GD7\glas[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qok skipped
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\BG3U9DAI\kriv[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.pmw skipped
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\EIZQ000W\glas[1] Infected: Packed.Win32.Monder.gen skipped
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\HTH1ILIY\kriv[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qpx skipped
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\YSU3LI0N\css4[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qfq skipped
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\YSU3LI0N\idkfa[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.pmx skipped
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\YT1E105P\idkfa[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qpb skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Desktop\Smitf\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Owner\Desktop\Smitf\SmitfraudFix\SmitfraudFix.zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Owner\Desktop\Smitf\SmitfraudFix\SmitfraudFix.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\All Users\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\data\toblonde2kare\localStorage\common.cls Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DF2A9F.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DFE1D9.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\~DFE1EA.tmp Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\47H4DG2R\query[1] Infected: Trojan.Win32.Zapchast.gb skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\55YS9ZXQ\css4[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qom skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\55YS9ZXQ\kriv[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.pjx skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\5VUGM4OD\iddqd[1] Infected: Trojan.Win32.Zapchast.gb skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\5VUGM4OD\idkfa[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qof skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\81ENN7CI\kriv[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qre skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\AILUNDFX\kriv[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.qrh skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\EEQCRKKU\SmitfraudFix[1].zip/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\EEQCRKKU\SmitfraudFix[1].zip ZIP: infected - 1 skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GXHJJV3U\hctp[1] Infected: Trojan.Win32.Zapchast.gb skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\NUWJO6HI\glas[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.pon skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\AWS\WeatherBug\WxBugAutoUpgradeChoiceSAb1.0.0.7.EXE/WISE0008.BIN/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\Program Files\AWS\WeatherBug\WxBugAutoUpgradeChoiceSAb1.0.0.7.EXE/WISE0008.BIN Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\Program Files\AWS\WeatherBug\WxBugAutoUpgradeChoiceSAb1.0.0.7.EXE WiseSFX: infected - 2 skipped
C:\Program Files\AWS\WeatherBug\WxBugAutoUpgradeChoiceSAb1.0.0.7.EXE WiseSFXDropper: infected - 2 skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\Kodak\Kodak EasyShare software\Catalog\EasyShare.me Object is locked skipped
C:\Program Files\Kodak\Kodak EasyShare software\Catalog\EasyShare.mm Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\BWKDLogs\BWTargetInf.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\L0000077.FCS Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton AntiVirus\Savrt\0002NAV~.TMP Object is locked skipped
C:\Program Files\Norton AntiVirus\Savrt\0077NAV~.TMP Object is locked skipped
C:\RECYCLER\S-1-5-21-3126964186-3076002095-2773854034-1007\Dc3.exe Infected: not-a-virus:AdWare.Win32.Trymedia.a skipped
C:\RECYCLER\S-1-5-21-3126964186-3076002095-2773854034-1007\Dc4.exe Infected: not-a-virus:AdWare.Win32.Trymedia.a skipped
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP1\A0000101.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.qre skipped
C:\System Volume Information\_restore{7DCA1BE4-D752-48D6-A25E-C722C8FD1BC4}\RP1\change.log Object is locked skipped
C:\WINNT\$NtUninstallKB833407$\bssym7.ttf Object is locked skipped
C:\WINNT\Debug\PASSWD.LOG Object is locked skipped
C:\WINNT\pfirewall.log Object is locked skipped
C:\WINNT\SchedLgU.Txt Object is locked skipped
C:\WINNT\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINNT\Sti_Trace.log Object is locked skipped
C:\WINNT\system32\bharebio01\bharebio011065.exe Infected: Trojan-Downloader.Win32.VB.dsf skipped
C:\WINNT\system32\byxxyvtq.dll Infected: Trojan.Win32.Agent.eek skipped
C:\WINNT\system32\CatRoot2\edb.log Object is locked skipped
C:\WINNT\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINNT\system32\config\AppEvent.Evt Object is locked skipped
C:\WINNT\system32\config\DEFAULT Object is locked skipped
C:\WINNT\system32\config\default.LOG Object is locked skipped
C:\WINNT\system32\config\Internet.evt Object is locked skipped
C:\WINNT\system32\config\SAM Object is locked skipped
C:\WINNT\system32\config\SAM.LOG Object is locked skipped
C:\WINNT\system32\config\SecEvent.Evt Object is locked skipped
C:\WINNT\system32\config\SECURITY Object is locked skipped
C:\WINNT\system32\config\SECURITY.LOG Object is locked skipped
C:\WINNT\system32\config\SOFTWARE Object is locked skipped
C:\WINNT\system32\config\software.LOG Object is locked skipped
C:\WINNT\system32\config\SysEvent.Evt Object is locked skipped
C:\WINNT\system32\config\SYSTEM Object is locked skipped
C:\WINNT\system32\config\system.LOG Object is locked skipped
C:\WINNT\system32\drivers\core.cache.dsk Object is locked skipped
C:\WINNT\system32\drivers\imagesrvv.sys Object is locked skipped
C:\WINNT\system32\h323log.txt Object is locked skipped
C:\WINNT\system32\pmnnnkli.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.qhp skipped
C:\WINNT\system32\tuvutstq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.qhp skipped
C:\WINNT\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINNT\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINNT\system32\yaywvtsr.dll Infected: Trojan.Win32.Agent.eek skipped
C:\WINNT\wiadebug.log Object is locked skipped
C:\WINNT\wiaservc.log Object is locked skipped
C:\WINNT\WindowsUpdate.log Object is locked skipped
Scan process completed.

BC AdBot (Login to Remove)

 


#2 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:19 AM

Posted 11 May 2008 - 03:54 PM

Hello and welcome to Bleeping Computer.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please post a fresh HiJackThis Log and an Uninstall List (instructions forthcoming)

Step # 1 Download CCleaner

Download CCleaner from here to clean temp files from your computer.
  • Double click on the ccsetup.exe file to start the installation of the program.
  • Select your language and click OK, then next.
  • Read the license agreement and click I Agree.
  • Click next to use the default install location.
  • Under Install Options, choose all the default settings except I would recommend that you unclick/untick install the Yahoo! Toolbar, unless you want it. You can also Uncheck the 'Automatically check for updates' box.
  • Click Install then finish to complete installation.

Step # 2 Retrieve the Installed Programs List from CCleaner

Open CCleaner if it's not already running.
In the Left Pane, click Tools
Verify that Uninstall is highlighted in color, or click on it.
In the lower Right, click Save to Text File.
Pull down the arrow at the top of the Save dialog and choose Desktop as the location.
You can leave the filename as install.txt
Click Save
Exit CCleaner by clicking on the X button in the upper right of the CCleaner window.


In your next post/reply, I need to see the following:

1. A fresh HiJackThis Log
2. CCleaner Uninstall List

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#3 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:19 AM

Posted 14 May 2008 - 01:27 PM

raft2112? Do you still need help?

MalWare Removal University Master

Member of ASAP
unite_Invision.png


#4 km2357

km2357

  • Malware Response Team
  • 1,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:19 AM

Posted 16 May 2008 - 01:14 PM

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

MalWare Removal University Master

Member of ASAP
unite_Invision.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users