Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Search Hijacked


  • Please log in to reply
11 replies to this topic

#1 N8Palm

N8Palm

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 02 February 2007 - 04:19 PM

Thanks in advance for your help.

I downloaded a movie from a torrent (Using BitCommet) recently, and picked up some sort of bug that will not allow me to go to Google search items. I can do a Google search, but if I click on any of the items on the search page I get sent to other search engines like Monstermarketplace and others.

I have run:

CC cleaner
AD- Aware
Norton Cleanup
Norton Virus scan
Stinger
Spy-bot S&D
AVG scanner
tried the Panda thing (didn't buy the program, tried free scan, took too long, didn't identify problem, just told me there were problems)

None of these seem to be getting rid of it. In-fact, I can't even identify what it is, specifically. I have never used "Hijack this" Usually I am able to find and remove the problem but this one has got me licked.
Here is my "hijack this" log:

Logfile of HijackThis v1.99.1
Scan saved at 3:06:35 PM, on 2/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Allume\StuffIt\MXTask.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\Program Files\TOSHIBA\TME3\TMETEMNU.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
C:\Program Files\Toshiba\TapButton\TapButt.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Symbol Commander\Sensiva.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Documents and Settings\Administrator\Desktop\Help!\HijackThis.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshiba.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = N8'S INTERNET EXPLORER
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [CrossMenu] C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
O4 - HKLM\..\Run: [TapButt] C:\Program Files\Toshiba\TapButton\TapButt.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TAcelMgr] C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
O4 - HKLM\..\Run: [TosRotation] "C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe"
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Sensiva] "C:\Symbol Commander\Sensiva.exe"
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk.disabled
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Send to OneNote - {6EB2AA45-3F30-40e1-9864-45EB153C6EDC} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/14.21/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1150007000191
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} - http://updates.lifescapeinc.com/installers...ll/pinstall.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150008007607
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = N8
O17 - HKLM\Software\..\Telephony: DomainName = N8
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F2B1C1C-8F5C-4D34-A136-C0397AC8C02D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DE75430-0A93-440B-8D9F-0A83DAB9075A}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{84B83F8B-EBDD-44EA-8AB6-491757FC7E84}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0B8A99D-3B37-495A-94B2-09EDBB7A824D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE3E5375-C4B6-45C3-AAD1-ED1F4FFBAA8C}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2D5C40D-FBC4-4ACF-B00E-7B547D117FA9}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{DAEC7DED-FC0D-4642-B314-5B5BA3C78D11}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = N8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F2B1C1C-8F5C-4D34-A136-C0397AC8C02D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = N8
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234
O17 - HKLM\System\CS3\Services\Tcpip\..\{0F2B1C1C-8F5C-4D34-A136-C0397AC8C02D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234
O20 - Winlogon Notify: cfgmngr32 - C:\WINDOWS\g4009345.dll (file missing)
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winful32 - winful32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StuffIt Task Manager - Allume Systems, Inc. - C:\PROGRA~1\Allume\StuffIt\MXTask.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Tmesrv3 (Tmesrv) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe" /Service (file missing)

Can you tell me what to do next?
Thanks again,

N8

BC AdBot (Login to Remove)

 


#2 N8Palm

N8Palm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 02 February 2007 - 04:47 PM

I found this on the forum and tried it too. Maybe this will help?

Fixwareout
Last edited 1/30/2007
Post this report in the forums please
...
Prerun check
»»»»» HKLM run and Winlogon System values
C:\WINDOWS\System32\kdjfc.exe will be moved to C:\WINDOWS\temp\kdjfc.ren at reboot.

»»»»» System restarted
Reg Entries that were deleted
...
Random Runs removed from HKLM
...

»»»»» Misc files.

»»»»» Checking for older varients.

»»»»» Postrun check
»»»»» HKLM run
»»»»» Winlogon System value
"system"=""
»»»»»

PLEASE NOTE, There CAN be LEGITIMATE FILES LISTED IN THIS SECTION.

This WILL/CAN also list Legit Files, Submit them at Virustotal
Search five digit cs, dm kd and jb files.
»»»»»
»»»»» Current runs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"00THotkey"="C:\\WINDOWS\\System32\\00THotkey.exe"
"CrossMenu"="C:\\Program Files\\Toshiba\\CrossMenu\\CrossMenu.exe"
"TapButt"="C:\\Program Files\\Toshiba\\TapButton\\TapButt.exe"
"000StTHK"="000StTHK.exe"
"TPSMain"="TPSMain.exe"
"TMESRV.EXE"="C:\\Program Files\\TOSHIBA\\TME3\\TMESRV31.EXE /Logon"
"TMERzCtl.EXE"="C:\\Program Files\\TOSHIBA\\TME3\\TMERzCtl.EXE /Service"
"SmoothView"="C:\\Program Files\\TOSHIBA\\TOSHIBA Zooming Utility\\SmoothView.exe"
"TAcelMgr"="C:\\Program Files\\TOSHIBA\\Acceleration Utilities\\TAcelMgr\\TAcelMgr.exe"
"TosRotation"="\"C:\\Program Files\\TOSHIBA\\TOSHIBA Rotation Utility\\TRot.exe\""
"TouchED"="C:\\Program Files\\TOSHIBA\\TouchED\\TouchED.Exe"
"Sensiva"="\"C:\\Symbol Commander\\Sensiva.exe\""
"TosHKCW.exe"="\"C:\\Program Files\\TOSHIBA\\Wireless Hotkey\\TosHKCW.exe\""
"TabletTip"="\"C:\\Program Files\\Common Files\\microsoft shared\\ink\\tabtip.exe\" /resume"
"TabletWizard"="C:\\WINDOWS\\help\\SplshWrp.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"TFNF5"="TFNF5.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_03\\bin\\jusched.exe"
"Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"googletalk"="\"C:\\Program Files\\Google\\Google Talk\\googletalk.exe\" /autostart"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

Hosts file was reset, If you use a custom hosts file please replace it

Again thanks for your help!

#3 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:00 AM

Posted 02 February 2007 - 06:06 PM

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log.

Run HijackThis
Click on do a system scan only
Place a checkmark next to these lines(if still present)

O17 - HKLM\System\CCS\Services\Tcpip\..\{0F2B1C1C-8F5C-4D34-A136-C0397AC8C02D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DE75430-0A93-440B-8D9F-0A83DAB9075A}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{84B83F8B-EBDD-44EA-8AB6-491757FC7E84}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0B8A99D-3B37-495A-94B2-09EDBB7A824D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE3E5375-C4B6-45C3-AAD1-ED1F4FFBAA8C}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2D5C40D-FBC4-4ACF-B00E-7B547D117FA9}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{DAEC7DED-FC0D-4642-B314-5B5BA3C78D11}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F2B1C1C-8F5C-4D34-A136-C0397AC8C02D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234
O17 - HKLM\System\CS3\Services\Tcpip\..\{0F2B1C1C-8F5C-4D34-A136-C0397AC8C02D}: NameServer = 85.255.114.11,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.11 85.255.112.234

Then close all windows except Hijackthis and click Fix Checked

Please download F-Secure Blacklight (blbeta.exe) and save to your C:\ drive.
1. Open a command window by going to Start > Run and typing: cmd
2. Copy/paste or type the following in the command window:

C:\blbeta.exe /expert

3. Hit "Enter" to start the program and then close the cmd box.
4. Accept the user agreement and click "Next".
5 Click "Scan".
6. After the scan is complete, click "Next", then "Exit". BlackLight will create a log in C:\ drive named "fsbl-xxxxxxx.log" (the xxxxxxx will be the date and time of the scan).
7. The log will have a list of all items found. Do not choose to rename any yet! I want to see the log first because legitimate items can also be present...like "wbemtest.exe".
8. Exit Blacklight and post the contents of the log in your next reply.

Note: If you download Blacklight to your desktop, just double-click to run from there and it will create the "fsbl-xxxxxxx.log" on your desktop.

Go here to run an online scannner from Kaspersky.
  • Click on "Kaspersky Online Scanner"
  • A new smaller window will pop up. Press on "Accept". After reading the contents.
  • Now Kaspersky will update the anti-virus database. Let it run.
  • Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
  • Then click on "My Computer", and the scan will start.
  • Once finished, save the log as "KAV.txt" to the desktop.
Post back with the Blacklight log, the Kaspersky log and a new HijackThis log

#4 N8Palm

N8Palm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 02 February 2007 - 10:22 PM

Thank you for your prompt response.

First I ran the “Hijack This” and checked all of the 017 boxes except the two that said “Domain = N8” I am not sure what those 2 are or if they should be removed also? I left them for now. I think it is the same as the one listed above.

Also ran FixWareout.

The Kaspersky Scan Ok it is large I hope you wanted it all:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, February 02, 2007 9:41:48 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 3/02/2007
Kaspersky Anti-Virus database records: 264411
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 83108
Number of viruses found: 17
Number of infected objects: 1121 / 0
Number of suspicious objects: 0
Duration of the scan process: 01:18:52

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates\Normal.dot Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Microsoft\Word\STARTUP\OfficeReady StuffIt\ORStuffItMain.dot Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Microsoft\Word\STARTUP\OrStuffItStart.dot Object is locked skipped
C:\Documents and Settings\Administrator\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Desktop\Help!\Today hijack help.doc Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012007020220070203\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\Perflib_Perfdata_8c0.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF144.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF23C0.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF774A.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFDBFB.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE04C.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE70C.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE7A3.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~WRF0000.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~WRS0001.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat Object is locked skipped
C:\Documents and Settings\Administrator\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12132006-132745.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-02-02_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\000D25D2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00141F02.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00271AEC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00386CDA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\003B16D6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\003E40D3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00426ACF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00483EC8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\004F12C1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00523CBD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\005566BA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\005810B6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\005C3AB3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00620EAB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\006638A8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\006962A4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\006C0CA1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\006F369D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00760A96.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00793492.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\007C5E8F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\007D2BDA.wmf Infected: Exploit.Win32.IMG-WMF.v skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00833287.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00865C84.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00972E72.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\009A586E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\009D026B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00A45664.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00A70060.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00B619BC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00B7524E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00BA7C4A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00C8243C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00D8762A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00E603CB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00E84818.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00EF1C11.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00F2460D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00FC4402.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00FF6DFF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\010C15F1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\010F3FED.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\011C67DF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\012011DB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\012B2FDC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\013063C9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01397668.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01445FB3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\014D5DA9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\015431A1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01560673.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\015A059A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01681325.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\016B5788.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\016E0185.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01787F7A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\017B2976.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018F2561.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01924F5D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\019F774F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01A2214B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01AF493D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01B37339.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01C01B2B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01D06D19.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01E03F07.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01E46903.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01F43AF1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\020836DC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\020B60D8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02160117.htm Infected: Exploit.HTML.IframeBof skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\021A2B9B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\021B32C6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\021E5CC3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02230836.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02242B12.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\022B04B4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\022F2EB1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\023C56A2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\023F009F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\024F528D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0260247B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02707669.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02732065.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02847253.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02871C50.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\028A7E3D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02911A45.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02AE1425.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02B13E21.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02B366B5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02C2100F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02DC5FF2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02DF09EF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02E617AA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02E73A86.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02EC31E0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02EF5BDD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02F07445.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02F11721.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02F305D9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02FC03CE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03107FB9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\031753B2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\031A7DAE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03247BA3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\032725A0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0337778E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\033A218A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\034B7378.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\034E1D74.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03514771.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03570D28.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03583005.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\036256D6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\036B1754.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\036F4151.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\037C6942.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\038C3B30.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\038F652D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03A36117.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03A60B13.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03B75D01.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03BA06FE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03CA58EC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03CD02E8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03DB2ADA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03DD54EA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03DE54D6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03E852CC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03EB7CC8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03FB4EB6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\040F4AA0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\041C7292.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\041F1C8E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\042F6E7C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04331879.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\043C166E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0440406B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04533C55.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04640E43.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0467058A.wmf Infected: Exploit.Win32.IMG-WMF.v skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0467383F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04770A2D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\047B342A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\047E4CEC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04915A11.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\049E0202.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04A22BFF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04B527E9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04B951E6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04C679D7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04C923D4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04D64BC5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04D975C2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04E565CF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04ED71AC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04F01BA8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04F345A5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04FA199E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04FB5EF3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04FD439A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\050A6B8C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\051B3D7A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\051E6776.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\052E3964.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05316361.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\053E0B52.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0542354F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\054A38FB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\054B5BD7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\054F5D40.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0552073D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05555B4E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\055C0532.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\055F2F2E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05732B19.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05765515.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05837D07.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05862703.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05934EF5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05A420E3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05A74ADF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05B02F02.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05B151DF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05B472D1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05B71CCD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05BB5156.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05C86EBB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05CB18B8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05D42547.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05D840A9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05DB6AA6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05EC3C94.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05FC0E82.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\060F0A6C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06230657.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06370241.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\063A2C3D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\063D563A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0647542F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06731BF4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06751FFD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\067849F9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\067B73F6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\067C1B11.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\067E1DF2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\068247EE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\068C45E4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\068F6FE0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\069219DC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\069F41CE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06B33DB9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06B911B1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06CA639F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06D36195.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06DA358D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06E21119.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06E333F5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06E43383.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06EA077B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06F15B74.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\06F72F6D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0708015B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\070B2B58.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\070E5554.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07117F50.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0722513E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07282537.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\072C4F34.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0732232C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07354D29.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07397725.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\073F4B1E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0742751A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\074C7310.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\074F1D0C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07606EFA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\076318F6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\076D16EC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\077040E8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\077D68DA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\078012D6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07940EC1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07A460AF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07A80AAB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07B042E1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07B5329D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07C82E87.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07CC5883.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07D90075.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07DC2A72.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07DF546E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07E95263.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07EC7C60.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\07FD4E4E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0800784A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\080D203C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08157330.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08201C26.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08244622.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\082E4418.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08316E14.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08414002.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\084469FF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\084E1CA3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08553BED.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\085865E9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\086837D7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\087909C5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08895BB3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\088C05AF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0890458C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\089D579D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08AD298C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08BD7B7A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08C02576.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08CB0E0A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08CE4D68.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08D8240C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08DE1F56.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08E14952.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08E15F3F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08EB5EB6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08EE7144.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08F11B40.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08FF4332.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09026D2E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09123F1C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09156919.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\091D67C1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0922110A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09263B07.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\09360CF5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\093936F1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\094334E6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\095730D1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\095A5ACD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\096702BF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\096A2CBB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\097754AD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\098B5097.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skippe

#5 N8Palm

N8Palm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 02 February 2007 - 10:26 PM

Yep there is more:

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D592F30.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D845101.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D877AFE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D9178F3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D922719.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D9422EF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DA574DD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DA81EDA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DB870C8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DBB1AC4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DC842B6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DCC6CB2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DD914A4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DDC3EA0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DE96692.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DF93880.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DFD627C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E0A0A6E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E0D346A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E17325F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E175433.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E1A5C5C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E5F1328.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E674CE7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EBA65AC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2ECA379A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2ECE6196.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2ECE65CA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EDB0988.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EDE3384.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EE61F50.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F167D47.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F264F35.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F297932.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F2C2213.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F331619.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F3338F6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F355E3C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F362123.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F394B20.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F477311.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F4A1D0E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F5744FF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F6716ED.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F7B12D8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F8E0EC2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F9238BF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F990C21.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F9A2EFD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F9B36B4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2F9F60B0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2FA40722.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2FCF7848.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\302E1812.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\304213FD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30536845.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30560FE7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\305939E3.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\305C3E71.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\306661D5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30673DE9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30690BD1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30A47F91.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30B4517F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30C5236D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30C84D69.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30CC1114.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30D81F57.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30DB4954.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30E97145.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30EC1B42.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30F94333.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30FC6D30.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\310C3F1E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\310E3CF5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3110691A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\311D110C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\312D62FA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\313329F8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\315D7BE0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\317B52A4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\318C2492.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\319F207C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31A34A78.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31B0726A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31B31C66.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31C04458.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31D44043.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31D76A3F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31EB6629.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31EE1026.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31F13A22.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31F17E81.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31F80E1B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32086009.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\320B0A05.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32154673.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\321831F7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\322903E5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3233276A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\323C7FD0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\324C51BE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\325D23AC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32604DA8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\326D759A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32841B80.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3287457D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32946D6F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32A53F5D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32B5114B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32BF3CE6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32C90D35.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32CA3C5D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32CB5F3A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32DF331C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32F0050A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32F32F06.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\330056F8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33177CDF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33274ECD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\333B4AB7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\334E46A2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\335F1890.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33763E77.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33893A61.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\338D645D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\339A0C4F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\339D364B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33AB4719.dll Infected: Trojan-Downloader.Win32.Zlob.axo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33AD0839.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33BD5A27.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33CB0219.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33CE2C16.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33CF14F1.dll Infected: Trojan-Downloader.Win32.Zlob.axo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33DB5407.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33DE7E04.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33EE4FF2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33F279EE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34024BDC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\340575D8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34121DCA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\341647C6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\342943B1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\342D6DAD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\343017AA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\343A159F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\344D1189.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34503B86.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34610D74.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3462147C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34715F62.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3474095E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34855B4C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34952D3A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34A57F28.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34B97B13.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34BC250F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34C80A83.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34C92D5F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34C94D01.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34DD48EB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34F044D6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34F46ED2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34FD5DB1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\350116C4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\350440C0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35183CAB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35235E37.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35280E99.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\352B3895.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35386087.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35493275.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35630258.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\357A283F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\357D523B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35947822.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3597221E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35A7740C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35BE12CC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35C56DEC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35C67849.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35DF3DCF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35F239BA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35F663B6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\360D099D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\361D5B8B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\36445360.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\36584F4A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3662057E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\36A56F23.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37187C76.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\372414F2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\372C7861.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\372F225D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\373C4A4F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\374D1C3D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37504639.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37634224.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37773E0E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\378A0AF9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37B55AEE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37C203BC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37D255AA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37E32798.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37F00101.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37F37986.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38034B74.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38077570.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3817475E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\381A715A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\382B4349.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\382E6D45.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\383B1537.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\383E3F33.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\384B6725.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38A02AC7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38A354C4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38B750AE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\38D44A8E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\39207A83.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3986708A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\39871366.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3A1B62B6.exe Infected: Backdoor.Win32.IRCBot.dd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3A55452E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3A680838.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3A7D1CBA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3A8D6EA9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3A9118A5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3AA4148F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3AB74723.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3AB8107A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3AB9757D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3B0920DA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3B21313D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3B375356.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3B85618C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3B8F3E27.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3BEC5794.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3BF5342F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3CB9667F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3CC2431A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3D1F5C87.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3DEC26AF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3EB611C9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3EB734A5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3F1B78DA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3F8420B4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40A837B7.wma Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40C05F66.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\40D0204F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\41084E01.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\41502C81.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\41DE4C62.wma Infected: Trojan-Downloader.WMA.Wimad.d skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\41E42F21.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\424C7254.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\42B30B38.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43185E63.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\433D01A8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\438663F9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\438976BE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\438A199A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43C46E46.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43E73307.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43F00FA2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\440931FB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\440C4CC6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\444B6356.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\444D290F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45224EDC.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\452371B9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\457E6849.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\458844E4.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\458967C0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45EE3AEB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\46060D9E.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\46346A6B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\465553CF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\46BB49D7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\47001ABD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\47213FDE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\477E594B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\47941D5D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\47E2099A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\47E67714.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\480373AD.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\485A5F33.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\486E63B2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48B54232.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48CF518B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\49146BB1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\491E484B.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\49200E04.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\497B61B8.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\49843E53.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\49990A74.htm Infected: Exploit.JS.IframeBO skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\49990A74.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\499D3470.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4A1D2E63.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4A502A62.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4A503DA2.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4AA92749.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4AAD43CF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4AAF7B42.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4B1216FA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4B3719F9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4B792FDE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4B7A52BA.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BDD602D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BDE0309.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BDF25E5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4BE50FED.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4CAC34D1.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4CBA0129.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4D116520.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4D17591D.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4D775B27.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4D7920E0.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4D966550.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4DA16087.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4DA37B52.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4DC075E5.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4DDF16E7.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4E4D46AE.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4EA06526.tmp Infected: Trojan-Downloader.Win32.Zlob.vr skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4EB70A24.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4F0F3346.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4F114447.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4F915079.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\50AA511C.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\512C4BE9.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\517F19C6.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51C36955.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51DC3333.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51DD560F.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\52274BFF.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\52405ABB.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5242293A.tmp Infected: Trojan-Downloader.Win32.Delf.aeo skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\52434C17.tmp Infected: Tr

#6 N8Palm

N8Palm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 02 February 2007 - 10:28 PM

Black Light Log:

02/02/07 19:04:51 [Info]: BlackLight Engine 1.0.55 initialized
02/02/07 19:04:51 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/02/07 19:04:52 [Note]: 7019 4
02/02/07 19:04:52 [Note]: 7005 0
02/02/07 19:04:57 [Note]: 7006 0
02/02/07 19:04:57 [Note]: 7011 1544
02/02/07 19:04:58 [Note]: 7026 0
02/02/07 19:04:58 [Note]: 7026 0
02/02/07 19:05:10 [Note]: FSRAW library version 1.7.1021
02/02/07 19:14:43 [Note]: 7007 0

Hijack This Log: (after removal of the 017 files you mentioned) the new one
Hijack This Log: (after removal of the 017 files you mentioned) the new one


Logfile of HijackThis v1.99.1
Scan saved at 9:54:26 PM, on 2/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Allume\StuffIt\MXTask.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
C:\Program Files\Toshiba\TapButton\TapButt.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TME3\TMETEMNU.EXE
C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Symbol Commander\Sensiva.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Administrator\Desktop\Help!\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshiba.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = N8'S INTERNET EXPLORER
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [CrossMenu] C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
O4 - HKLM\..\Run: [TapButt] C:\Program Files\Toshiba\TapButton\TapButt.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TAcelMgr] C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
O4 - HKLM\..\Run: [TosRotation] "C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe"
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Sensiva] "C:\Symbol Commander\Sensiva.exe"
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk.disabled
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Send to OneNote - {6EB2AA45-3F30-40e1-9864-45EB153C6EDC} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/14.21/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1150007000191
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} - http://updates.lifescapeinc.com/installers...ll/pinstall.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150008007607
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = N8
O17 - HKLM\Software\..\Telephony: DomainName = N8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = N8
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = N8
O20 - Winlogon Notify: cfgmngr32 - C:\WINDOWS\g4009345.dll (file missing)
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winful32 - winful32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StuffIt Task Manager - Allume Systems, Inc. - C:\PROGRA~1\Allume\StuffIt\MXTask.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Tmesrv3 (Tmesrv) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe" /Service (file missing)

Thanks again,
I hope there is nothing here that woud incriminate me. (if there is can you help me get rid of it too ...? LOL)

N8

#7 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:00 AM

Posted 03 February 2007 - 05:03 AM

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6 .
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.

Run HijackThis
Click on do a system scan only
Place a checkmark next to these lines(if still present)

O20 - Winlogon Notify: cfgmngr32 - C:\WINDOWS\g4009345.dll (file missing)
O20 - Winlogon Notify: winful32 - winful32.dll (file missing)

Then close all windows except HijackThis and click Fix Checked

Restart

Post back with a new HijackThis log and let me know of any remaining problems

#8 N8Palm

N8Palm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 03 February 2007 - 12:26 PM

I did the following as you stated:


"Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed."

When I tried to do the next step.

"Then from your desktop double-click on the download to install the newest version."

The computer did not recognize which file was used to create the program ( 1170520965280-integrated.jnlp)and I did not know which program to use to open it? I am guessing that Java was used to create it so it wanted to use java to open it. However, I just dumped the java program as you had suggested above? The computer directed me to load version 5 update 10 which I did but I am not sure I should have? Please advise?

Thanks again!

N8

#9 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:00 AM

Posted 03 February 2007 - 12:30 PM

It looks like you clicked on "Download selected with Sun Download manager"

To download the .exe file which is the installer, you need to click on the link that says "Windows offline installation,Multi language"

#10 N8Palm

N8Palm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 03 February 2007 - 12:53 PM

Problem solved. You are correct that is what I did. I now have v6 installed and proceeding to next step.

N8

#11 N8Palm

N8Palm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 03 February 2007 - 01:15 PM

I accidently forgot to close all windows except "Hijack this" before I clicked the fix button. However upon running it again I did not see the 020 files mentioned.

FYI. I have not had the problem since I removed the 017 you suggested earlier, but I figured is was best to go through the whole process to make sure the problem was gone for good.

Please let me know if there is any other problems you see. Here is the LOG:

Logfile of HijackThis v1.99.1
Scan saved at 1:00:20 PM, on 2/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Allume\StuffIt\MXTask.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
C:\Program Files\Toshiba\TapButton\TapButt.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TME3\TMETEMNU.EXE
C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Symbol Commander\Sensiva.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Documents and Settings\Administrator\Desktop\Help!\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshiba.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = N8'S INTERNET EXPLORER
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [CrossMenu] C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
O4 - HKLM\..\Run: [TapButt] C:\Program Files\Toshiba\TapButton\TapButt.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TAcelMgr] C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
O4 - HKLM\..\Run: [TosRotation] "C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe"
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Sensiva] "C:\Symbol Commander\Sensiva.exe"
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk.disabled
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {6EB2AA45-3F30-40e1-9864-45EB153C6EDC} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/14.21/uploader2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1150007000191
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} - http://updates.lifescapeinc.com/installers...ll/pinstall.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1150008007607
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = N8
O17 - HKLM\Software\..\Telephony: DomainName = N8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = N8
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = N8
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StuffIt Task Manager - Allume Systems, Inc. - C:\PROGRA~1\Allume\StuffIt\MXTask.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Tmesrv3 (Tmesrv) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe" /Service (file missing)

Thank you again Random/Random for all of your Help!!!!

#12 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:00 AM

Posted 04 February 2007 - 08:22 AM

You now appear to be clean. Congratulations!

Please take the time to tell us what you would like to be done about the people who are behind all the problems you have had. We can only get something done about this if the people that we help, like you, are prepared to complain. We have a dedicated forum for collecting these complaints Malware Complaints, you do not have to be registered to post.. just find your country room and register your complaint.
The infection you had was wareout

Below are some steps to follow in order to dramatically lower the chances of reinfection
You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented
  • Turn off System Restore.
    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    Check Turn off System Restore.
    Click Apply, and then click OK.

    Reboot.

    Turn ON System Restore.
    On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    UN-Check *Turn off System Restore*.
    Click Apply, and then click OK.
    NOTE: only do this ONCE,NOT on a regular basis
  • Keep your antivirus updated
  • Keep your firewall updated
  • Keep windows up to date with the latest patches


    IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.

    If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.
  • Install spywareblaster
    Spyware blaster is a program that stops known malicious activex controls from installing on your computer. It works by changing settings in your registry. It makes
    kill bits
    in the registry, so that certain activex controls can't install.
    If you don't know what activex controls are, see here
    You can download SpywareBlaster here here
    Make sure to update it on a regular basis
  • Install IE-SPYAD
    Dowload and instructions located here
    Make sure to update it on a regular basis
  • Use a HOSTS file
    • Every version of windows has a hosts file as part of them.
    • In a very basic sense, they are used to locate webpages.
    • We can customize a hosts file so that it blocks certain webpages.
    • However, it can slow down certain computers.
    • This is why using a hosts file is optional!!
    Download it here. Make sure you read the instructions on how to install the hosts file. There is a good tutorial here
    If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
    • Click the start button (at the lower left hand corner of your screen)
    • Click run
    • In the dialog box, type services.msc
    • hit enter, then locate dns client
    • Highlight it, then double-click it.
    • On the dropdown box, change the setting from automatic to manual.
    • Click ok
  • Install and use Ad-aware & Spybot search & destroy
    Instructions are located here
    Make sure to update them on a regular basis
  • Most exploits are aimed at internet explorer, so I recommend you switch to an altenative browser
    Two good alternative browsers are
    Firefox
    Opera
    It is essential to update to the latest version of your browser, as the updates fix known security holes
  • Even if you do decide to switch to another browser, it is still a good idea to lock down Internet explorer
    This can be done by following these simple instructions:
    From within Internet Explorer click on the Tools menu and then click on Options.
    Click once on the Security tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    Change the allow paste operations via script to Disable
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.
  • Clean out you temp file on a regular basis
    I use and recommend ATF Cleaner by Attribune
    To use it, follow these instructions
    • Double-click ATF-Cleaner.exe to run the program.
    • Click Main at the top and choose Select All from the list.
    • Click the Empty Selected button.
    If you use Firefox browser:
    • Click Firefox at the top and choose Select All from the list.
    • Click the Empty Selected button.
    • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser:
    • Click Opera at the top and choose Select All from the list.
    • Click the Empty Selected button.
    • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
  • Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users