Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected Computer


  • This topic is locked This topic is locked
12 replies to this topic

#1 kdrman

kdrman

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:18 PM

Posted 26 August 2008 - 11:27 PM

Hi,

My computer seems to be infected. I have constant warnings from spybot that something is trying to change my registry and I don't know what to do. I've had help from here before and I'm hoping for some more. :thumbsup:

Here is my HJT log. Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:23:21 PM, on 8/26/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - c:\program files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - c:\program files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: (no name) - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1125413682140
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{96F4AB48-85D1-4262-8F96-611F40B400DE}: NameServer = 68.94.156.1,68.94.157.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13021 bytes

BC AdBot (Login to Remove)

 


m

#2 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:18 AM

Posted 12 September 2008 - 06:29 AM

Hello


Apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.
If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Next
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Posted Image

#3 kdrman

kdrman
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:18 PM

Posted 16 September 2008 - 10:06 PM

Hi Baabiouz,

Thanks for your response. Sorry for the delay, I was out of town until last night. I am still have a lot of problems and judging from this output this computer is full of issues. Here are the outputs and thank you very much for your help:

KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, September 16, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, September 16, 2008 21:53:54
Records in database: 1242681
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
K:\
M:\
Scan statistics
Files scanned 117490
Threat name 79
Infected objects 551
Suspicious objects 2
Duration of the scan 03:57:23

File name Threat name Threats count
C:\Program Files\Norton AntiVirus\Quarantine\00DF0960.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton AntiVirus\Quarantine\00DF0960.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\00DF0960.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton AntiVirus\Quarantine\00DF0960.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton AntiVirus\Quarantine\01A9339B Infected: Trojan.Java.ClassLoader.o 1
C:\Program Files\Norton AntiVirus\Quarantine\02723527 Infected: Trojan-Downloader.Win32.Turown.g 1
C:\Program Files\Norton AntiVirus\Quarantine\03633CD9.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\05652A9D.class Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton AntiVirus\Quarantine\07E9739A.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\07E9739A.zip Infected: Trojan.Java.ClassLoader.m 1
C:\Program Files\Norton AntiVirus\Quarantine\07E9739A.zip Infected: Trojan.Java.Needy.c 1
C:\Program Files\Norton AntiVirus\Quarantine\0AC022D3.class Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton AntiVirus\Quarantine\0C2E24CE Infected: not-a-virus:AdWare.Win32.Bymoh.b 1
C:\Program Files\Norton AntiVirus\Quarantine\0FAA559D Infected: Backdoor.Win32.Ruledor.c 1
C:\Program Files\Norton AntiVirus\Quarantine\10510859.zip Infected: Trojan.Java.Needy.c 2
C:\Program Files\Norton AntiVirus\Quarantine\10510859.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\11180E99.class Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton AntiVirus\Quarantine\14D03C84 Infected: Trojan-Downloader.Win32.Agent.ap 1
C:\Program Files\Norton AntiVirus\Quarantine\15B92474.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\17201257 Infected: Backdoor.Win32.Ruledor.c 1
C:\Program Files\Norton AntiVirus\Quarantine\1AA37A9E.class Infected: Trojan.Java.ClassLoader.i 1
C:\Program Files\Norton AntiVirus\Quarantine\1B3A119B Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton AntiVirus\Quarantine\1E7C7461 Infected: Trojan-Downloader.Win32.VB.cw 1
C:\Program Files\Norton AntiVirus\Quarantine\1EB5219E.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton AntiVirus\Quarantine\20312B83.class Infected: Trojan.Java.ClassLoader.l 1
C:\Program Files\Norton AntiVirus\Quarantine\20CE17AD.class Infected: Trojan.Java.ClassLoader.Dummy.d 1
C:\Program Files\Norton AntiVirus\Quarantine\22B14E56 Infected: Backdoor.Win32.VB.nb 1
C:\Program Files\Norton AntiVirus\Quarantine\230266E3.class Infected: Trojan.Java.ClassLoader.i 1
C:\Program Files\Norton AntiVirus\Quarantine\236D6B7F.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\277D4569.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton AntiVirus\Quarantine\277D4569.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\277D4569.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton AntiVirus\Quarantine\277D4569.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton AntiVirus\Quarantine\298A58E7.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\2CAF6268.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton AntiVirus\Quarantine\2F1D4953.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\34A7124A.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\389A268A.class Infected: Trojan.Java.ClassLoader.i 1
C:\Program Files\Norton AntiVirus\Quarantine\3C363760.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\3C3A615C.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\3CFF2939 Infected: Trojan-Downloader.Win32.Agent.ac 1
C:\Program Files\Norton AntiVirus\Quarantine\3CFF2939 Infected: Trojan-Downloader.Win32.Turown.h 1
C:\Program Files\Norton AntiVirus\Quarantine\3CFF2939 Infected: Trojan-Downloader.Win32.Turown.g 1
C:\Program Files\Norton AntiVirus\Quarantine\3CFF2939 Infected: Trojan-Downloader.Win32.VB.cw 1
C:\Program Files\Norton AntiVirus\Quarantine\3DF62195.zip Infected: Trojan.Java.Needy.c 3
C:\Program Files\Norton AntiVirus\Quarantine\413052C9.class Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton AntiVirus\Quarantine\41F24D2B Infected: Backdoor.Win32.VB.nb 1
C:\Program Files\Norton AntiVirus\Quarantine\423C12E1.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\42FE6927 Infected: Trojan-Downloader.Win32.Apropo.u 1
C:\Program Files\Norton AntiVirus\Quarantine\43011323 Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton AntiVirus\Quarantine\43043D20 Infected: Backdoor.Win32.VB.nb 1
C:\Program Files\Norton AntiVirus\Quarantine\4308671C Infected: Backdoor.Win32.VB.nb 1
C:\Program Files\Norton AntiVirus\Quarantine\430B1119 Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton AntiVirus\Quarantine\44FA2CFB.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\450F2C21.class Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton AntiVirus\Quarantine\46C703B8 Infected: not-a-virus:AdWare.Win32.SaveNow.af 1
C:\Program Files\Norton AntiVirus\Quarantine\4854606E.class Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton AntiVirus\Quarantine\4D43490A.zip Infected: Trojan.Java.Needy.c 3
C:\Program Files\Norton AntiVirus\Quarantine\4D467306.zip Infected: Trojan.Java.Needy.c 3
C:\Program Files\Norton AntiVirus\Quarantine\51583458 Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton AntiVirus\Quarantine\54997C77.class Infected: Trojan.Java.ClassLoader.i 1
C:\Program Files\Norton AntiVirus\Quarantine\5572339C Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton AntiVirus\Quarantine\58323EE9.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\58F56CDB.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\58F916D7.class Infected: Trojan.Java.ClassLoader.f 1
C:\Program Files\Norton AntiVirus\Quarantine\58F916D7.zip Infected: Trojan-Downloader.Java.OpenConnection.b 1
C:\Program Files\Norton AntiVirus\Quarantine\58F916D7.zip Infected: Trojan.Java.ClassLoader.f 1
C:\Program Files\Norton AntiVirus\Quarantine\58F916D7.zip Infected: Trojan.Java.ClassLoader.Dummy.d 1
C:\Program Files\Norton AntiVirus\Quarantine\58F916D7.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\58FC40D4.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\5B337077.class Infected: Trojan.Java.ClassLoader.b 1
C:\Program Files\Norton AntiVirus\Quarantine\5CE87056 Infected: Trojan-Downloader.Win32.Small.kl 1
C:\Program Files\Norton AntiVirus\Quarantine\5CE87056 Infected: not-a-virus:AdWare.Win32.SaveNow.c 1
C:\Program Files\Norton AntiVirus\Quarantine\5CE87056 Infected: not-a-virus:AdWare.Win32.SaveNow.af 1
C:\Program Files\Norton AntiVirus\Quarantine\5CE87056 Infected: not-a-virus:AdWare.Win32.SaveNow.l 1
C:\Program Files\Norton AntiVirus\Quarantine\5EC63BB5.class Infected: Trojan.Java.StartPage.g 1
C:\Program Files\Norton AntiVirus\Quarantine\5FD76E85 Infected: Trojan-Downloader.Win32.Agent.ap 1
C:\Program Files\Norton AntiVirus\Quarantine\5FDA1882 Infected: Trojan-Downloader.Win32.Agent.ap 1
C:\Program Files\Norton AntiVirus\Quarantine\5FDD427E Infected: Trojan-Downloader.Win32.Agent.ap 1
C:\Program Files\Norton AntiVirus\Quarantine\63C27AE8.class Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton AntiVirus\Quarantine\65655B32 Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton AntiVirus\Quarantine\69B56A01.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\69B813FD.class Infected: Trojan.Java.Femad 1
C:\Program Files\Norton AntiVirus\Quarantine\6E034AAA.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\6EFF6B96.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\6F021592.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\6F053F8E.class Infected: Trojan.Java.ClassLoader.i 1
C:\Program Files\Norton AntiVirus\Quarantine\6F053F8E.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\6F08698B.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\6F11130E Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton AntiVirus\Quarantine\74CD2FC2 Infected: Trojan-Downloader.Win32.Small.kl 1
C:\Program Files\Norton AntiVirus\Quarantine\77A82C52.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton AntiVirus\Quarantine\77A82C52.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\77A82C52.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton AntiVirus\Quarantine\77A82C52.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton AntiVirus\Quarantine\7A706992.class Infected: Trojan.Java.ClassLoader.f 1
C:\Program Files\Norton AntiVirus\Quarantine\7A73138E.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\7A73138E.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton AntiVirus\Quarantine\7B135BB8.class Infected: Trojan.Java.ClassLoader.b 1
C:\Program Files\Norton AntiVirus\Quarantine\7B235740.zip Infected: Trojan.Java.ClassLoader.j 1
C:\Program Files\Norton AntiVirus\Quarantine\7B235740.zip Infected: Trojan-Dropper.Java.Beyond.c 1
C:\Program Files\Norton AntiVirus\Quarantine\7B235740.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton AntiVirus\Quarantine\7B235740.zip Infected: Trojan.Java.ClassLoader.Dummy.d 1
C:\Program Files\Norton AntiVirus\Quarantine\7E8D16D1 Infected: Trojan-Downloader.Java.OpenConnection.k 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\00114027 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\00810847.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\00982E2E.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\00F165B8.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\00FE6A8C.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01011488.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01A323A8.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01BC2643.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01BC2643.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01BC2643.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01BC2643.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01C27A3C.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01C52438.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\01C94E35.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0249669C.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0249669C.htm Infected: Exploit.VBS.Phel.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0249669C.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0249669C.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0249669C.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0249669C.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\024B251D.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\029A30A8 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\02DB7EB4.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\02DF28B0.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\02ED1795.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\03AD211B Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\03FD2F80 Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\048829F6.htm Infected: Exploit.VBS.Phel.j 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\051401A8 Infected: not-a-virus:AdWare.Win32.NavExcel.b 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\062E7C67 Infected: Trojan.Java.ClassLoader.ac 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06E83824.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06EB6220.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06F26F35.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06FB211C.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06FB211C.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06FB211C.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06FB211C.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\07D70730 Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08502A74.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\088637EE.class Infected: Trojan.Java.ClassLoader.i 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08A404D6.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08A404D6.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08A404D6.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08A404D6.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0A305A2E Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0ADE52BC.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0AE52B9F.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0B691D2F Infected: Trojan.Java.ClassLoader.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0B8F7ECA Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0CC12369.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0D8A183B.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0EF363D1.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0EF363D1.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0EF363D1.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0EF363D1.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0F920505.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\108F6D10.bin Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\108F6D10.dll Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\10B7222E.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\119D0578.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\11A12F74.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\141C553B.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1484444D Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\150F168B.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\150F168B.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\150F168B.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\150F168B.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\15645D8A.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\15645D8A.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\15645D8A.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\15645D8A.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\16043EC4.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\161E0BAB Infected: Trojan-Downloader.Win32.Agent.gj 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\16512EF9.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\165558F6.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\166B513F.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\16B15BE2.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\16C557CC.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\16E86E83 Infected: Trojan.Java.Femad 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\17CD1597.class Infected: Trojan.Java.ClassLoader.i 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\187F1E85.htm Infected: Trojan.JS.Seeker 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\18907073.class Infected: Trojan.Java.ClassLoader.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\18931A6F.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1917594A.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\19F50056.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1A1B56C0.htm Infected: Trojan-Downloader.JS.Small.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1A7D1135.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1A7D1135.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1A7D1135.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1A7D1135.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1BF50D03.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1BF50D03.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1BF50D03.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1BF50D03.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1BF83700.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1BFC60FC.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1BFF0AF9.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1C6F2BDD.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1C7E1D1F Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1D255AE8 Infected: Trojan.Win32.VB.kq 2
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1D5269DE.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1D6E67EB Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1D6E744F.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1ECF52A9.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1F42102B.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1F9306DE.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20512D01.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\209F52BD.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20B51351.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20B51351.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20B51351.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20B51351.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20ED415C Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\210618C9.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B61F0E.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\222E05D9.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan-Downloader.Win32.Small.kl 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: not-a-virus:AdWare.Win32.SaveNow.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: not-a-virus:AdWare.Win32.SaveNow.af 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: not-a-virus:AdWare.Win32.SaveNow.l 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan-Downloader.Win32.Agent.ec 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan-Downloader.Win32.Agent.ac 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan-Downloader.Win32.Turown.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan-Downloader.Win32.Turown.g 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan-Downloader.Win32.VB.cw 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan-Downloader.Win32.Apropo.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: not-a-virus:AdWare.Win32.EZula.l 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Backdoor.Win32.Ruledor.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\231D15A0 Infected: Trojan.Win32.Qhost.bi 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\23474772.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\240C2CCA.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\240C2CCA.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\24320798 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\24A65125.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\26BC3760 Infected: Trojan.Java.Femad 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\27225420.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\27391FE2 Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\27903570 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\27945F6C Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\27F22104 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\27F54B00 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\28C21645.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\291C199C.class Infected: Trojan-Downloader.Java.OpenStream.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\29232A1F.class Infected: Trojan-Dropper.Java.Beyond.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2AE43FFF Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2B8F58D2.htm Infected: Exploit.VBS.Phel.j 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2BE2762E.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2CF3251B.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2F02664E Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2F0B18AB.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2FC24396 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\30416855.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\30B64FD4.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\32B0525C.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\32E13171.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\34C21F56.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\34C21F56.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\34C21F56.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\34C21F56.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\354E5FE6 Infected: Trojan-Downloader.Win32.Agent.ae 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\35577990 Infected: Trojan.Java.ClassLoader.ac 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\355A238C Infected: Trojan.Java.ClassLoader.ac 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\359A5A0B.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\35DA3984.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\36582B80 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\368B57C2.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\368B57C2.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\368B57C2.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\368B57C2.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\36FC6DF0.class Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\36FE6F31.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3703776F.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3703776F.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3703776F.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3703776F.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\38044158.htm Infected: Exploit.VBS.Phel.j 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\38B73D13 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\38C54592.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\395121FB.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\395121FB.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A3F0427 Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3B9E6357.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3B9E6357.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3B9E6357.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3B9E6357.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3BA53523.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3BB144C4.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3BDB4377.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3BE53C81.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3E357764 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3E813A66.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3E846462.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F4642F2.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F6867DC.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F755747.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F755747.htm Infected: Exploit.VBS.Phel.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F755747.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F755747.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F755747.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F755747.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F780144.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F7F79E8.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F8223E4.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F8223E4.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F8223E4.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F8223E4.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F864DE0.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F8977DD.class Infected: Trojan.Java.ClassLoader.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F8C21D9.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3FC55CA4 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\40DE1BE5 Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\413F4C13.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\416D539C.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\41A74564.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\41E5631F.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\420F65AF.dll Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\421902E6.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\421963A5.dll Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\42405B79.dll Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\42462F72.dll Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\424C060C.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\42503008.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4277253C.dll Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\42984918.dll Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\42D30255.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\42D30255.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43612F65.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43612F65.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43612F65.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43612F65.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43671B63 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\44B06C39 Infected: Backdoor.Win32.VB.nb 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\44B772C1.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\44BA1CBD.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\45355CD0 Infected: not-a-virus:AdWare.Win32.NavExcel.o 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\453906CD Infected: not-a-virus:AdWare.Win32.NavExcel.g 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\453C30C9 Infected: not-a-virus:AdWare.Win32.NavExcel.i 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\45EF39DF.htm Infected: Exploit.VBS.Phel.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\45FC61D0.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\45FC61D0.htm Infected: Exploit.VBS.Phel.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\461307B7.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\461307B7.htm Infected: Exploit.VBS.Phel.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\461A7398.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\461A7398.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\461A7398.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\461A7398.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\47BC3B01.class Infected: Trojan-Dropper.Java.Beyond.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\48D83E19 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\48DB6815 Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\48DE1212 Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\49887C8A.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A644DDB.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A644DDB.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A644DDB.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A644DDB.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4AD14C3B.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4AD61E51 Infected: Trojan-Dropper.Win32.Small.hx 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4AD9484D Infected: Trojan-Dropper.Win32.Small.hx 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4B2E716F.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4BF457FB Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4C922C2B.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4C980024.class Infected: Trojan.Java.ClassLoader.l 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4C9C068E.class Infected: Trojan.Java.Femad 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4CC64BF2.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4D575AC9.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4D8D244E Infected: Trojan.Java.ClassLoader.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4DC72F49.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E6E3711.dll Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E855CF8.dll Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4EA256D8.dll Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F371FB7 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F472588.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F4C452A.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F4C452A.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F4C452A.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F4C452A.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\50795BE0.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\50E7747D Infected: Trojan.Java.StartPage.j 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5129064B.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5129064B.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5129064B.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5129064B.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\51AA2F96.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523C7DF0.class Infected: Trojan.Java.ClassLoader.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523C7DF0.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523C7DF0.zip Infected: Trojan.Java.ClassLoader.o 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523C7DF0.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523C7DF0.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523C7DF0.zip Infected: Trojan-Downloader.Java.OpenConnection.k 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523F27EC.class Infected: Trojan.Java.ClassLoader.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\523F27EC.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\52457BE5.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\532F4F56 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\547303CE Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54772DCA Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\547A57C6 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\547D01C3 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54E078BD Infected: Trojan.Java.Nocheat 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\55044696 Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\550A1A8E Infected: Trojan.Win32.VB.kq 2
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\55185C59.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\55C945C6.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\55C945C6.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\55CC667E.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\55DB5177 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\564201C0 Infected: Trojan.Win32.Qhost.bi 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\56B63F20 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5850697E Infected: Trojan.Win32.Qhost.bi 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\58840541 Infected: Trojan-Downloader.Win32.Agent.gj 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\58872F3D Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\59386491.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5A4D224C Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5A534393 Infected: not-a-virus:AdWare.Win32.NavExcel.i 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5B2E2578.class Infected: Trojan.Java.ClassLoader.k 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5B6211C5 Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5C0B0D54 Infected: Trojan-Downloader.Win32.WinShow.ak 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5C5A7221 Infected: Trojan-Downloader.Win32.Agent.gj 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5C6E6E0B Infected: Trojan-Downloader.Win32.Agent.gj 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5C711808 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5C754204 Infected: Trojan-Downloader.Win32.Agent.gj 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5D613446 Infected: Trojan-Downloader.Win32.WinShow.ak 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5D645E42 Infected: Trojan-Downloader.Win32.Krepper.g 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5DA9592F Infected: Trojan.Java.ClassLoader.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5DE30EE2.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5DE30EE2.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5DE30EE2.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5DE30EE2.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5E6516EF.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5E6516EF.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5E6516EF.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5E6516EF.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5EDD2953 Infected: Trojan-Downloader.Win32.Agent.gj 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5EED4B68 Infected: not-a-virus:AdWare.Win32.NavExcel 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5F0E2AB0.bin Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5F1154AC.dll Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\616D2958 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62251DFC.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62251DFC.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\627144F9.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\629B0DEF.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62AC34E8 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62C207AC.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62F363AF.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62F7258A.class Infected: Trojan.Java.ClassLoader.l 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62F93846.class Infected: Trojan.Java.ClassLoader.aj 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\631A47DE.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\631A47DE.htm Suspicious: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\632D576E.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\63456F73 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\635E4D38.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\639D1D3D Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\642336FF.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\64BB0DD2.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\64BE37CE.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\64DA4FBB.bin Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\64DA4FBB.dll Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\64F10C1D.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\64FE492B.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\66525AEA.class Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6677516A.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67AD1A2E Infected: Trojan.Win32.StartPage.hi 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67BD1D38.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67DC164F.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\680F6BFB Infected: Trojan.Win32.Small.ai 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68231340.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68ED1224.zip Infected: Trojan.Java.ClassLoader.Dummy.e 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68ED1224.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68ED1224.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68ED1224.zip Infected: Trojan-Downloader.Java.OpenStream.h 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68F300C7 Infected: Backdoor.Win32.VB.oq 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68F72AC3 Infected: Trojan-Downloader.Win32.Agent.ap 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68FA54C0 Infected: Trojan-Downloader.Win32.Agent.ab 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\693A084F Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\69582C40 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\69FA6597 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6AC50ECC.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6BD213AE.class Infected: Trojan-Downloader.Java.OpenStream.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C40607D.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C5844E8.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C98653F.class Infected: Trojan.Java.ClassLoader.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C98653F.php Infected: Trojan-Downloader.JS.Small.d 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C98653F.zip Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C98653F.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C98653F.zip Infected: Trojan.Java.ClassLoader.Dummy.a 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C98653F.zip Infected: Trojan-Downloader.Java.OpenConnection.v 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6CE87C4A.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6D3B4E9E Infected: Backdoor.Win32.VB.nb 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6D7055DB Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6D737FD8 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6D7729D4 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E3A7A18 Infected: Trojan-Downloader.VBS.Psyme.based 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E4263B8.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6EAB03DC.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6EB45DC8.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6ECB491D Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6ED42979 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6EDC559D.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6EE53D20 Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6F82708A Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6FA77010.class Infected: Trojan.Java.ClassLoader.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6FEE43D4 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\708A5FDE.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\70904D81 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\712600D8.dll Infected: not-a-virus:AdWare.Win32.SearchPage 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\71CD4A84.htm Suspicious: Exploit.HTML.CodeBaseExec 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\72EF5F13 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\73233CE4.bin Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\73233CE4.dll Infected: Trojan.Win32.StartPage.is 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\73AC779C.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\73FC57AA Infected: Trojan.Java.Nocheat 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\74213B31 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\74960D02 Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\749936FE Infected: Trojan.Win32.StartPage.qr 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\75805F3D.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\763C1FF0 Infected: Trojan.Java.ClassLoader.ab 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\763C1FF0 Infected: Trojan-Downloader.Java.OpenConnection.x 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\764273E9 Infected: Trojan-Downloader.Java.OpenStream.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7B0D31B1 Infected: Trojan.Win32.StartPage.gv 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7BE34B3E.dll Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7BF74728.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C00451E.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C1B1501.dll Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C2168FA.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C2412F6.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C2B66EF.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C2E10EB.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C313AE8.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C3564E4.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C3B38DD.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C420CD6.dll Infected: Trojan.Win32.StartPage.uh 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C4536D2.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C873BFD.zip Infected: Trojan.Java.ClassLoader.o 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C873BFD.zip Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C873BFD.zip Infected: Trojan.Java.ClassLoader.Dummy.c 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7C873BFD.zip Infected: Trojan-Downloader.Java.OpenConnection.k 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7CDC2E2D.class Infected: Exploit.Java.ByteVerify 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7D0223DB.htm Infected: Exploit.HTML.Mht 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7EDA4100.dll Infected: Trojan.Win32.StartPage.uz 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7F430B3D.dll Infected: Trojan.Win32.StartPage.ix 1
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7F6A3E3D.class Infected: Trojan.Java.ClassLoader.d 1
The selected area was scanned.


info.txt logfile of random's system information tool 1.01 2008-09-16 08:12:17

Uninstall list

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
56Kbps Internal Modem-->C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
AceGain LiveUpdate 1.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\AceGain\LiveUpdate\irunin.ini"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AIM 6-->C:\Program Files\AIM6\uninst.exe
AOL Instant Messenger-->C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ares 1.8.1-->"C:\Program Files\Ares\uninstall.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Battlecraft 1942-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBD40517-2A65-4683-A164-E1F1E5770BAB}\setup.exe" -l0x9
Battlecraft Vietnam-->C:\WINDOWS\iun6002.exe "C:\Program Files\EA GAMES\Battlecraft Vietnam\irunin.ini"
Battlefield 1942 Secret Weapons of WWII Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{909354DE-C180-4B00-B61F-9A6D805E5796}\setup.exe" -l0x9
Battlefield 1942: Secret Weapons of WWII-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}\setup.exe" -l0x9
Battlefield 1942: The Road To Rome-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}\setup.exe" -l0x9
Battlefield 1942-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x9
Battlefield Mod Development Toolkit 2.0 Beta-->C:\WINDOWS\iun6002.exe "C:\Program Files\EA GAMES\Battlefield Mod Development Toolkit\MDT.ini"
Battlefield Vietnam™-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E35B3C63-E958-4E31-A178-95D22024109A}\setup.exe" -l0x9
BigFix-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CC_ccProxyMSI-->MsiExec.exe /I{A398F2DC-D706-4bb2-AC38-5532CD229D08}
CC_ccStart-->MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
ccCommon-->MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
Cisco Systems VPN Client 5.0.01.0600-->MsiExec.exe /X{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CompuServe-->C:\Program Files\Common Files\csshare\csunins_us.exe
eMachines Bay Reader V1.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C9C8FC30-AD33-4186-A064-46A2C5A80A5B}
eMusic - 50 Free MP3 offer-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
exPressit S.E. 2.2-->"C:\Program Files\exPressit S.E. 2.2\UninstallerData\Uninstall exPressit S.E. 2.2.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
iPod Updater 2004-11-15-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{06E73C0B-7DE7-4F41-860B-587033B75BD9} /l1033
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
Java 2 Runtime Environment Standard Edition v1.3.1_02-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.1_02\Uninst.isu"
Java 2 Runtime Environment Standard Edition v1.3.1-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.1\Uninst.isu"
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
LANGUAGE!® Words for Teachers-->C:\PROGRA~1\SOPRIS\LANGUA~1\WORDSF~1\UNWISE.EXE C:\PROGRA~1\SOPRIS\LANGUA~1\WORDSF~1\INSTALL.LOG
Lavasoft VX2 Cleaner-->C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\INSTALL.LOG
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Lexmark X1100 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
LG USB Drivers-->C:\PROGRA~1\LGDRIV~1\LGUSBD~1\UNWISE.EXE C:\PROGRA~1\LGDRIV~1\LGUSBD~1\INSTALL.LOG
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 3.0 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Mahjong Towers Eternity (remove only)-->"C:\Program Files\Yahoo! Games\Mahjong Towers Eternity\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Age of Empires Gold-->"C:\Program Files\Microsoft Games\Age of Empires\UNINSTAL.EXE" /runtemp
Microsoft Age of Empires II: The Conquerors Expansion-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
Microsoft Age of Empires II-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft AntiSpyware-->MsiExec.exe /I{536F7C74-844B-4683-B0C5-EA39E19A6FE3}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Money 2004 System Pack-->MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Money 2004-->MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft Office Converter Pack-->MsiExec.exe /X{6EECB283-E65F-40EF-86D3-D51BF02A8D43}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B0-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Works 7.0-->MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSRedist-->MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Multimedia Keyboard Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x9
Netscape 6 (6.2.1)-->C:\WINDOWS\N6Uninst.exe /ua "6.2.1 (en)"
Norton AntiSpam-->MsiExec.exe /I{3B29A786-5803-4e9e-9B58-3014A5B4E519}
Norton AntiSpam-->MsiExec.exe /I{5677563D-0CB1-485f-9E18-C5025306BB3F}
Norton AntiVirus-->MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton Internet Security (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe /X
Norton Internet Security-->MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
Norton Internet Security-->MsiExec.exe /I{449F3A9E-9903-4a0d-A209-08030D45A935}
Norton Internet Security-->MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security-->MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
Norton Internet Security-->MsiExec.exe /I{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}
Norton Internet Security-->MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20}
Norton Internet Security-->MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security-->MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
Norton WMI Update-->MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
NVIDIA Audio Driver-->C:\WINDOWS\System32\nvuaudio.exe Uninstall C:\WINDOWS\System32\nvaudio.nvu,NVIDIA Audio Driver
NVIDIA Drivers-->C:\WINDOWS\system32\nvuaudio.exe UninstallGUI
NVIDIA nForce Drivers-->C:\WINDOWS\System32\nvuninst.exe Uninstall C:\WINDOWS\System32\NVU001.nvu,NVIDIA nForce Drivers
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
Panda ActiveScan-->C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
Poker Superstars II (remove only)-->"C:\Program Files\Yahoo! Games\Poker Superstars II\Uninstall.exe"
Pop-Up Stopper Free Edition-->C:\PROGRA~1\PANICW~1\POP-UP~1\UNWISE.EXE C:\PROGRA~1\PANICW~1\POP-UP~1\INSTALL.LOG
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PunkBuster for Battlefield Vietnam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D07643A3-CE41-4286-8C78-EB9C83E76DDB}\setup.exe" -l0x9
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Risk-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Risk\Uninst.isu"
Security Task Manager 1.6e-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager"
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Shutterfly Plugin-->C:\PROGRA~1\SHUTTE~1\UNWISE.EXE C:\PROGRA~1\SHUTTE~1\INSTALL.LOG
Sid Meier's SimGolf-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C4504A1-9280-11D5-9F7E-00902712427E}\setup.exe"
Simplify Media-->MsiExec.exe /X{92CBAE16-4BA2-469D-914D-B81CBC7B23D4}
Sporting Bet USA-->"C:\Program Files\Sporting Bet USA\unstall.exe" "Sporting Bet USA" uninstall
Spy Sweeper-->"C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
SpywareBlaster 4.0-->"C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"C:\Program Files\SpywareGuard\unins000.exe"
SuperBook Poker-->C:\Program Files\SuperBook Poker\uninstall.exe
Symantec Script Blocking Installer-->MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
The Print Shop 20-->MsiExec.exe /I{F9001C89-8036-4673-9577-E7CD8564807C}
The Rosetta Stone-->C:\WINDOWS\unvise32.exe C:\Program Files\The Rosetta Stone\TRS Support\uninstal.log
Tweak-SE plug-in for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\tweakse\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\tweakse\INSTALL.LOG
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
V CAST Music-->MsiExec.exe /X{3249FD43-B24B-413F-B786-F8FEA32FA747}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Manager (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VX2 Cleaner plug-in for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\VX2CLE~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\VX2CLE~1\INSTALL.LOG
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Backup Utility-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WJ III Compuscore and Profiles Program-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Riverside Publishing Company\WJ III Compuscore\WJ3uninst.isu"
Yahoo! Address AutoComplete-->C:\WINDOWS\System32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\yaddbook.dll
Yahoo! extras-->C:\Program Files\Yahoo!\Common\unycust.exe /S
Yahoo! Internet Mail-->C:\WINDOWS\System32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger Explorer Bar-->C:\WINDOWS\System32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\COMPAN~1\Modules\messmod2\v4\yhexbmes.dll
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar-->rundll32.exe C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\YCOMP5~1.DLL,DllCommand ui

Hosts File

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

Security center information

AV: AVG Anti-Virus Free
AV: Norton AntiVirus (outdated)
FW: Norton Internet Security

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip

-----------------EOF-----------------



Logfile of random's system information tool 1.01 (written by random/random)
Run by C. Jason Checca at 2008-09-16 08:10:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 77 GB (50%) free of 153 GB
Total RAM: 447 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:12:05 AM, on 9/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Simplify Media\SimplifyMedia.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Simplify Media\SimplifyPeer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\C. Jason Checca\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\C. Jason Checca.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"
O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - c:\program files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - c:\program files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: (no name) - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1125413682140
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{96F4AB48-85D1-4262-8F96-611F40B400DE}: NameServer = 68.94.156.1,68.94.157.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13513 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - C. Jason Checca.job
C:\WINDOWS\tasks\Symantec NetDetect.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-08-29 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
SpywareGuardDLBLOCK.CBrowserHelper - C:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2003-11-24 103368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll [2004-01-07 272983]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2003-11-24 103368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-05-02 4640768]
"nwiz"=nwiz.exe /install []
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-03-28 57344]
"SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe [2003-11-19 32881]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2005-07-01 71280]
"URLLSTCK.exe"=C:\Program Files\Norton Internet Security\UrlLstCk.exe [2003-12-11 70800]
"Symantec NetDriver Monitor"=C:\PROGRA~1\SYMNET~1\SNDMon.exe [2005-05-15 100056]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2005-08-02 3071488]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-06-21 35328]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-08-29 1235736]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PopUpStopperFreeEdition"=C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe [2003-04-29 524288]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-01-03 50528]
"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]
"Simplify Media"=C:\Program Files\Simplify Media\SimplifyMedia.exe [2008-08-22 1605640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"=cmd.exe /C cscript C:\WINDOWS\Installer\TSClientMsiTrans\tscuinst.vbs []
"TSClientAXDisabler"=cmd.exe /C C:\WINDOWS\Installer\TSClientMsiTrans\tscdsbl.bat []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2N85L533MR#GJT]
C:\WINDOWS\System32\Yan1L.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AceGain LiveUpdate]
C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe [2003-12-31 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cB79Rjj2V]
immgkl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dsi]
C:\WINDOWS\System32\dp-him.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcasServ]
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe [2004-12-31 469824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2007-04-09 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\showicon2k]
C:\Program Files\\eM\Bay Reader\Shwicon2k.exe [2003-07-04 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sp]
rundll32 C:\WINDOWS\TEMP\se.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\syslw32.exe]
C:\WINDOWS\system32\syslw32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsoV3tP]
wuakcopy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\yi3YSOCnc]
C:\documents and settings\c. jason checca\local settings\temp\yi3YSOCnc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
C:\PROGRA~1\BigFix\BigFix.exe [2002-07-31 1742384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
C:\PROGRA~1\WinZip\WZQKPICK.EXE [2006-02-16 122880]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
VPN Client.lnk - C:\WINDOWS\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico

C:\Documents and Settings\C. Jason Checca\Start Menu\Programs\Startup
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{9EF34FF2-3396-4527-9D27-04C8C1C67806}"=C:\Program Files\Microsoft AntiSpyware\shellextension.dll [2004-12-31 93408]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe"="C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe:*:Disabled:BF1942"
"C:\Program Files\aim\aim.exe"="C:\Program Files\aim\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\AGE2_X1.ICD"="C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\AGE2_X1.ICD:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\1138569811\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1138569811\ee\aolsoftware.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\AOL\1138569811\ee\aim6.exe"="C:\Program Files\Common Files\AOL\1138569811\ee\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe"="C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Simplify Media\SimplifyPeer.exe"="C:\Program Files\Simplify Media\SimplifyPeer.exe:*:Enabled:Simplify Media Peer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\aim\aim.exe"="C:\Program Files\aim\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{729157d8-92fd-11dc-b232-0040ca6decd0}]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c07a61f4-27c8-11db-b1f9-0040ca6decd0}]
shell\AutoRun\command - J:\LaunchU3.exe


List of files/folders created in the last three months

2008-09-16 08:10:49 ----D---- C:\rsit
2008-09-11 03:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-11 03:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-01 14:26:29 ----D---- C:\Program Files\SOPRIS
2008-08-29 15:13:28 ----D---- C:\Program Files\Simplify Media
2008-08-25 03:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-24 18:10:05 ----D---- C:\WINDOWS\Prefetch
2008-08-24 18:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-08-24 18:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-24 18:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-24 18:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-24 18:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-24 18:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-24 18:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-08-24 18:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-24 18:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-24 18:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-24 18:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-08-24 18:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-24 17:53:35 ----D---- C:\WINDOWS\system32\en-us
2008-08-24 17:53:33 ----D---- C:\WINDOWS\system32\scripting
2008-08-24 17:53:31 ----D---- C:\WINDOWS\l2schemas
2008-08-24 17:53:29 ----D---- C:\WINDOWS\system32\en
2008-08-24 17:43:53 ----D---- C:\WINDOWS\network diagnostic
2008-08-22 14:41:48 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-08-22 14:41:42 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-22 14:41:38 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-22 14:41:36 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-22 14:41:36 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-22 14:41:19 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-22 14:41:18 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-22 14:40:55 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-22 14:40:47 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-22 14:40:43 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-22 14:40:42 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-22 14:40:40 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-22 14:40:39 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-22 14:40:39 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-22 14:40:36 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-22 14:40:30 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-22 14:40:11 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-22 14:40:11 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-22 14:40:11 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-22 14:40:08 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-22 14:40:08 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-22 14:40:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-22 14:40:03 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-22 14:39:36 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-22 14:39:35 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-22 14:39:35 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-22 14:39:34 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-22 14:39:19 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-22 14:39:02 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-22 14:39:00 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-22 14:39:00 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-22 14:39:00 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-22 14:38:59 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-22 14:38:09 ----A---- C:\WINDOWS\005562_.tmp
2008-08-22 14:38:04 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-22 14:38:04 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-22 14:38:04 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-22 14:38:04 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-22 14:38:04 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-22 14:38:04 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-22 14:38:03 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-22 14:38:03 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-22 14:37:55 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-22 14:37:55 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-22 14:37:55 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-22 14:37:55 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-22 14:37:55 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-22 14:37:55 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-22 14:37:55 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-22 14:37:51 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-22 14:37:51 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-22 14:37:48 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-22 14:37:41 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-22 14:37:27 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-22 14:37:26 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-22 14:37:04 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-13 03:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-13 03:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-13 03:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-13 03:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-13 03:11:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-13 03:10:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-13 03:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-08-13 03:07:35 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$
2008-07-24 23:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-07-21 21:05:12 ----D---- C:\Program Files\Trend Micro
2008-07-17 11:59:16 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-17 11:57:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-13 20:07:05 ----D---- C:\Program Files\Bonjour
2008-06-26 03:05:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$

List of drivers

R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-08-29 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-07-13 26824]
R1 SAVRT;SAVRT; \??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-04-09 31548]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\System32\drivers\symlcbrd.sys []
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-01-29 16168]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-02-16 210128]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\NAVENG.Sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060614.035\NavEx15.Sys []
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-05-02 1312555]
R3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-10-22 53376]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-10-22 413824]
R3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-02-16 516616]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
R3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2005-04-05 11512]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2005-04-05 173208]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2005-04-05 36984]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20080911.001\symidsco.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2005-04-05 47192]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 az2xlo6x;az2xlo6x; C:\WINDOWS\system32\drivers\az2xlo6x.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\System32\DRIVERS\ENTECH.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-02-16 1293192]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-02-05 162136]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-02-16 85520]
S3 usbbus;LGE CDMA Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2005-05-26 21344]
S3 UsbDiag;LGE CDMA USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2005-05-26 38144]
S3 USBModem;LGE CDMA USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2005-06-24 39036]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

List of services

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-17 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-02-23 100032]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2005-07-01 255600]
R2 ccProxy;Symantec Network Proxy; C:\Program Files\Common Files\Symantec Shared\ccProxy.exe [2005-02-28 218736]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2005-07-01 235120]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-07-16 1524512]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-03-28 303104]
R2 navapsvc;Norton AntiVirus Auto Protect Service; C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe [2004-04-23 158848]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-05-02 69632]
R2 SAVScan;SAVScan; C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe [2005-01-25 194272]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]
R2 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2005-04-05 206552]
R2 svcWRSSSDK;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe [2005-08-02 1700864]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2004-07-03 585728]
R2 SymWSC;SymWMI Service; C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe [2004-11-02 316544]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2001-05-01 53248]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S2 SBService;ScriptBlocking Service; C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe [2003-06-24 66784]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2005-07-01 87664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-02-23 2045632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

#4 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:18 AM

Posted 17 September 2008 - 08:35 AM

Hello

Step #1
I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto-updating for the Viewpoint Manager -- the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.

To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.


Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware.
I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the the Viewpoint components (Viewpoint, Viewpoint Manager, Viewpoint Media Player):

1. Click Start, point to Settings, and then click Control Panel.
2. In Control Panel, double-click Add or Remove Programs.
3. In Add or Remove Programs, highlight >>Viewpoint Manager Service<< , click Remove.

Step #2
Please open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below:

O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - c:\program files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - c:\program files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: (no name) - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\PartyGaming\PartyPoker\RunApp.exe (file missing)


Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.

Step #3
Backup Your Registry with ERUNT
  • Please click HERE to download Erunt.zip
  • Unzip all the files into a folder of your choice.
Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe

Please run Notepad and paste the following text into a new file:

REGEDIT4

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2N85L533MR#GJT]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cB79Rjj2V]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dsi]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sp]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\syslw32.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsoV3tP]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\yi3YSOCnc]


Save the file to the desktop as fix.reg and make sure the "Save as Type" field says "All Files". Then please go to the desktop and double-click on fix.reg, and click Yes to merge it with the registry.

Reboot your computer.

Step #4
View Hidden Files & Folders Windows XP
To view Hidden Files & Folders do the following:
Click Start
Open My Computer
Select the Tools menu and click Folder Options
Select the View Tab
Under the Hidden files and folders heading select Show hidden files and folders
Uncheck the Hide protected operating system files (recommended) option
Click Yes to confirm
Click OK

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these files(if present):

C:\WINDOWS\System32\Yan1L.exe
C:\WINDOWS\System32\dp-him.exe
C:\WINDOWS\system32\syslw32.exe
C:\WINDOWS\system32\immgkl.exe (May found in Windows folder)
C:\WINDOWS\system32\wuakcopy.exe (May found in Windows folder)
C:\WINDOWS\TEMP\se.dll
C:\documents and settings\c. jason checca\local settings\temp\yi3YSOCnc.exe

If you can't delete some file, please tell me about that.

Please remove this folder:
C:\Program Files\Viewpoint

Please empty next folders:

C:\Program Files\Norton AntiVirus\Quarantine
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine

Step #5
Please download ATF-cleaner and save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

    If you use Firefox browser:

  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser:

  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Step #6
Malwarebytes' Anti-Malware
Download Malwarebytes' Anti-Malware here and save to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
    Note:
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when Malwarebytes' Anti-Malware is started.
Step #7
Please post Mbam report and a frehs HijackThis log back here :thumbsup:
Posted Image

#5 kdrman

kdrman
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:18 PM

Posted 17 September 2008 - 09:20 PM

Alright I've done all that you've said. The only thing that I was unable to do was delete these files:

C:\WINDOWS\System32\Yan1L.exe
C:\WINDOWS\System32\dp-him.exe
C:\WINDOWS\system32\syslw32.exe
C:\WINDOWS\system32\immgkl.exe (May found in Windows folder)
C:\WINDOWS\system32\wuakcopy.exe (May found in Windows folder)
C:\WINDOWS\TEMP\se.dll
C:\documents and settings\c. jason checca\local settings\temp\yi3YSOCnc.exe

as they were not there.

Other than that everything went well. Here are the logs...and thank you again:

Malwarebytes' Anti-Malware 1.28
Database version: 1166
Windows 5.1.2600 Service Pack 3

9/17/2008 7:13:27 PM
mbam-log-2008-09-17 (19-13-27).txt

Scan type: Full Scan (C:\|)
Objects scanned: 169365
Time elapsed: 1 hour(s), 53 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:20:03 PM, on 9/17/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Simplify Media\SimplifyMedia.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Simplify Media\SimplifyPeer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"
O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1125413682140
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{96F4AB48-85D1-4262-8F96-611F40B400DE}: NameServer = 68.94.156.1,68.94.157.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 12469 bytes

#6 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:18 AM

Posted 18 September 2008 - 12:12 AM

Hello

You may have Antivirus in Norton Internet Security (Please make sure its working), so you don't need other antivirus, AVG8. Use only one antivirus and one firewall. :thumbsup:
If you have Antivirus installed/used in Norton IS, please uninstall AVG8.


Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 7...allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u7-windows-i586-p.exe to install the newest version.
To Clear the Java Runtime Environment (JRE) cache, do this:
  • Click Start > Settings > Control Panel.
  • Double-click the Java icon.
    -The Java Control Panel appears.
  • Click "Settings" under Temporary Internet Files.
    -The Temporary Files Settings dialog box appears.
  • Click "Delete Files".
    -The Delete Temporary Files dialog box appears.
    -There are three options on this window to clear the cache.
    • Delete Files
    • View Applications
    • View Applets
  • Click "OK" on Delete Temporary Files window.
    -Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click "OK" on Temporary Files Settings window.
  • Close the Java Control Panel.
You can also view these instructions along with screenshots here.


Please post a fresh HijackThis log here :)
How's your PC working now? :)

Edited by Baabiouz, 18 September 2008 - 12:13 AM.

Posted Image

#7 kdrman

kdrman
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:18 PM

Posted 18 September 2008 - 11:06 AM

Thank you for your help.

I updated the Java without problems.

As for the Norton v. AVG: I have not particularly liked Norton as it has not really caught much of anything now or in the past. Would you advice I stick with AVG instead or Norton or a different anti-virus all together? I have found AVG to be pretty good to date so that is why I was thinking of sticking with it.


Otherwise, when I start up the computer there is a message saying:

System settings protector has encountered a problem...

I believe this is from spybot S&D.

Other than that it seems to be working ok and going faster. I will post in a day or so if nothing happens (unless of course there is more you believe I should do). Here is my HJT log...and thank you so very much.

#8 kdrman

kdrman
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:18 PM

Posted 18 September 2008 - 11:07 AM

Posting the log might help :thumbsup:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:05:51 AM, on 9/18/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod2\v4\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1125413682140
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{96F4AB48-85D1-4262-8F96-611F40B400DE}: NameServer = 68.94.156.1,68.94.157.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 12113 bytes

#9 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:18 AM

Posted 18 September 2008 - 11:39 AM

Hello

Would be better to change the firewall also, if you don't use Norton's antivirus. AVG and Norton may not be good team. If you feel it works, you can use it. I don't have experience of that.

Turning off Teatimer may help to this problem:

System settings protector has encountered a problem...


Edited by Baabiouz, 18 September 2008 - 11:39 AM.

Posted Image

#10 kdrman

kdrman
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:18 PM

Posted 18 September 2008 - 09:57 PM

I'm sorry, what is teatimer and how do I turn it off?

#11 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:18 AM

Posted 19 September 2008 - 07:12 AM

Teatimer is Spybot S&D's realtimeprotector.

To disable Teatimer

First:
  • Right click Spybot in the System Tray (looks like a calendar with a padlock symbol)
  • Choose Exit Spybot S&D Resident
Second:
  • Open Spybot S&D
  • Click Mode, check Advanced Mode
  • Go To Left Panel, Click Tools, then also in left panel, click Resident
  • If your firewall raises a question, say OK
  • Uncheck the box labeled Resident Tea-Timer and OK any prompts.
  • Use File, Exit to terminate Spybot
  • Reboot your machine for the changes to take effect.

Edited by Baabiouz, 19 September 2008 - 07:13 AM.

Posted Image

#12 kdrman

kdrman
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:18 PM

Posted 23 September 2008 - 12:09 AM

I've been using her for a few days and she seems to be working great...thank you very very much.

Bleepingcomputer is awesome.

#13 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:01:18 AM

Posted 23 September 2008 - 07:42 AM

You're welcome :thumbsup:

Looks clean, great job! :)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Next we remove all used tools.

Please download OTCleanIt and save it to desktop.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.
Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.
  • Disable and Enable System Restore. - If you are using Windows XP or Vista then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

    You can find instructions on how to enable and re-enable system restore here:

    Windows XP System Restore Guide
Re-enable system restore with instructions from tutorial above
  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
    totally free but for real-time protection you will have to pay a small one-time fee. Tutorial on installing & using this product can be found below:

    Malwarebytes' Anti-Malware Setup Guide

    Malwarebytes' Anti-Malware Scanning Guide
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety
Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Also, please read this great article by Tony Klein So How Did I Get Infected In First Place

Happy surfing and stay clean!
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users