Hi,
Thanks for the advice.
I tried to reset the hosts, but it came up with:

ERROR: Cannot create C:\Windows\System32\DRIVERS\ETC\hosts

I did ewido and bitdefender, here's the report:

BitDefender Online Scanner



Scan report generated at: Mon, Jul 10, 2006 - 17:48:52





Scan path: A:\;C:\;D:\;E:\;F:\;







Statistics

Time
00:46:02

Files
183617

Folders
3535

Boot Sectors
4

Archives
1495

Packed Files
16624




Results

Identified Viruses
18

Infected Files
85

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
91




Engines Info

Virus Definitions
406964

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
39

Unpack plugins
5

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00A37A00.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03D26F19=>(Quarantine-2)
Infected with: Dropped:Trojan.Downloader.Zlob.KO

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03D26F19=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03D26F19=>(Quarantine-2)
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03D51916=>(Quarantine-2)
Infected with: Trojan.Downloader.HA

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03D51916=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03D51916=>(Quarantine-2)
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Downloader.OpenStream.D

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A604E96.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0A914460.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BE951EF.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0DE95C1F.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>a.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>a.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>a.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14D4106C.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BA17AF1.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E454916=>(Quarantine-2)
Infected with: Trojan.Downloader.Zlob.KB

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E454916=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E454916=>(Quarantine-2)
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\216724DD.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23320CB0.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27650212.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)=>lzma_nsis0005
Infected with: Trojan.Clicker.Vb.EX

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)=>lzma_nsis0005
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)=>lzma_nsis0005
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)=>lzma_nsis0006
Infected with: Trojan.Multidropper.NB

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)=>lzma_nsis0006
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)=>lzma_nsis0006
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32593872=>(Quarantine-2)=>(NSIS o)
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340E25EF.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37457A65.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37492462.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Downloader.OpenStream.D

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\374C4E5E.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37853B11.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\39392B07=>(Quarantine-2)=>(RAR Sfx o)=>vonner.exe
Infected with: Dropped:Trojan.Pokapoka62.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\39392B07=>(Quarantine-2)=>(RAR Sfx o)=>vonner.exe
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\39392B07=>(Quarantine-2)=>(RAR Sfx o)=>vonner.exe
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\39392B07=>(Quarantine-2)=>(RAR Sfx o)
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B9E7D07.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44631CE0.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>GetAccess.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>Installer.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)=>Installer.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45DE6F80.zip
Update failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>BB.class
Infected with: Java.Trojan.ClassLoader.O

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>BB.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>BB.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.ClassLoader.Dummy.C

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Downloader.OpenConnection.K

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>BeyondInterface.class
Infected with: Trojan.Exploit.Byteverify.D

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>BeyondInterface.class
Disinfection failed

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)=>BeyondInterface.class
Deleted

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6917272A.zip
Update failed

C:\RECYCLER\NPROTECT\00000309=>(Quarantine-2)
Infected with: Dropped:Trojan.Downloader.Zlob.KO

C:\RECYCLER\NPROTECT\00000309=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00000309=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00000310=>(Quarantine-2)
Infected with: Trojan.Downloader.HA

C:\RECYCLER\NPROTECT\00000310=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00000310=>(Quarantine-2)
Deleted

C:\RECYCLER\NPROTECT\00000311=>(Quarantine-2)
Infected with: Trojan.Downloader.Zlob.KB

C:\RECYCLER\NPROTECT\00000311=>(Quarantine-2)
Disinfection failed

C:\RECYCLER\NPROTECT\00000311=>(Quarantine-2)
Deleted



It seems to have only picked up on previously quarantined viruses...

Here is my new HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 1750, on 10/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspn et_admin.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
F:\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AnalogX\MaxMem\maxmem.exe
C:\Program Files\AnalogX\POW\pow.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Henry's\Downloads\hijackthis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

O2 - BHO: (no name) - AutorunsDisabled - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: MaxMem.lnk = C:\Program Files\AnalogX\MaxMem\maxmem.exe
O4 - Startup: POW! (2).lnk = C:\Program Files\AnalogX\POW\pow.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - F:\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe...nttracking.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1122721408296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1146842039031
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1A0F3F8-C9D0-4B3B-BB89-67CC469BA838}: NameServer = 195.184.228.6 195.184.228.7
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - F:\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

It hasn't removed the virus, but let me know what else I should do!

Thanks,

henry

Hi,


I don't see anything in your log that would indicated about:blank.


Download the Intermute stand-alone version of CWShredder from here: cwshredder.net/bin/CWShredder.exe
Install it and check for updates then exit, we will use it later.


Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.


Now run CWShredder while in safe mode and click on fix.


Reboot normal mode and...



Download Silent runners.Vbs post the log it creates please
http://www.silentrunners.org/sr_scriptuse.html click yes to the suplimentry searchs
Wait until there is a All Done message !!, Then open and post the log next to it.
Your antivirus script protection might interfear or alert, please allow it to run after a bit box will say done.

CWShredder found nothing.
Here is the Silent Runners log:

"Silent Runners.vbs", revision 46, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \ {++}
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \ {++}
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS]
"POINTER" = "C:\Program Files\Microsoft Hardware\Mouse\point32.exe" [MS]
"SpeedTouch USB Diagnostics" = ""C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon" ["THOMSON Telecom Belgium"]
"SunJavaUpdateSched" = "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe" [null data]
"ccApp" = ""C:\Program Files\Common Files\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]
"Symantec NetDriver Monitor" = "C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer" ["Symantec Corporation"]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"Zone Labs Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs, LLC"]
"!ewido" = ""C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized" ["Anti-Malware Development a.s."]

HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {HKLM...CLSID} = "Portable Media Devices"
\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "F:\Office\Office10\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "F:\Office\Office10\msohev.dll" [MS]
"{9162F88A-971C-4c9b-AAC0-0A1202B95593}" = "NOMAD MuVo NXShell Hook"
-> {HKLM...CLSID} = "NOMAD MuVo NXShell Hook"
\InProcServer32\(Default) = "MUVONXh.dll" ["Creative Technology Ltd."]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "F:\winrar\rarext.dll" [null data]
"{29e3fb5b-cf62-45b5-b8bf-1ad500385fc7}" = "Shell Context Menu Handler for Application References"
-> {HKLM...CLSID} = "Shell Context Menu Handler for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{29e3fb5b-cf62-45b5-b8bf-1ad500385fc6}" = "Shell Context Menu Handler for Application Manifests"
-> {HKLM...CLSID} = "Shell Context Menu Handler for Application Manifests"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}" = "Shell Icon Handler for Application References"
-> {HKLM...CLSID} = "Shell Icon Handler for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
-> {HKLM...CLSID} = "Shell Search Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks\
INFECTION WARNING! "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "ewido anti-spyware 4.0"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll" ["Anti-Malware Development a.s."]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! WgaLogon\DLLName = "WgaLogon.dll" [MS]

HKLM\Software\Classes\*\shellex\ContextMenuHandler s\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "F:\winrar\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMen uHandlers\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "F:\winrar\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHa ndlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "F:\winrar\rarext.dll" [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\Web\Wallpaper\Bliss.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\sstext3d.scr" [MS]



If no about:blank-like items can be seen, could it be tht the virus didn't install properly? And does it mean I'm safe to use the computer normally? I'm currently avoiding using password requiring websites as a precaution.

Thanks again,

Henry

Did you go to tools, then options and try to change it back that way?

I take it your not getting any popups.




Please download WebRoot SpySweeper from HERE (It's a 14-day trial):

* Click Download Now to download the program.
* Install it. Once the program is installed, it will open.
* It will prompt you to update to the latest definitions, click Yes.
* Once the definitions are installed, click Options on the left side.
* Click the Sweep Options tab.
* Under What to Sweep please put a check next to the following:
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits
o Please UNCHECK Do not Sweep System Restore Folder.

* Click Sweep Now on the left side.
* Click the Start button.
* When it's done scanning, click the Next button.
* Make sure everything has a check next to it, then click the Next button.
* It will remove all of the items found.
* Click Session Log in the upper right corner, copy everything in that window.
* Click the Summary tab and click Finish.
* Paste the contents of the session log you copied into your next reply along with a fresh HJT log.

No pop-ups are coming up, nothing malicious appears to be happening, just an annoying about:blank homepage.
I have tried all possible ways of changing it back - Tools>Options, dragging and dropping URL on homepage icon, clicking 'set as homepage'.
I've tried Adaware, Adware Away, many many other spyware things, I've tried chasing the .dll around the system, checking the AppInit value box (which is blank)...
It's just getting annoying.
Spyware Sweeper found a few things but hasn't cleared the issue... Here's the log:

15:23: Removal process completed. Elapsed time 00:00:26
15:23: Quarantining All Traces: spyfalcon
15:23: Quarantining All Traces: spyware quake fakealert
15:23: Quarantining All Traces: trojan-downloader-zlob
15:22: Removal process initiated
15:22: Traces Found: 4
15:22: Full Sweep has completed. Elapsed time 00:16:28
15:22: File Sweep Complete, Elapsed Time: 00:14:34
15:15: C:\System Volume Information\_restore{47ba2e15-39b7-41fc-9247-cd69f840f97a}\RP364\A0127816.LNK (ID = 243376)
15:15: Found Adware: spyfalcon
15:15: Warning: Failed to access drive D:
15:09: C:\System Volume Information\_restore{47ba2e15-39b7-41fc-9247-cd69f840f97a}\RP373\A0147878.dll (ID = 319805)
15:09: Found Adware: spyware quake fakealert
15:07: Starting File Sweep
15:07: Warning: Failed to access drive A:
15:07: Cookie Sweep Complete, Elapsed Time: 00:00:00
15:07: Starting Cookie Sweep
15:07: Registry Sweep Complete, Elapsed Time:00:00:10
15:07: HKLM\software\classes\vsenchancer.chl\ (ID = 1519792)
15:07: HKCR\vsenchancer.chl\ (ID = 1519747)
15:07: Found Trojan Horse: trojan-downloader-zlob
15:07: Starting Registry Sweep
15:07: Memory Sweep Complete, Elapsed Time: 00:01:35
15:05: Starting Memory Sweep
15:05: Sweep initiated using definitions version 716
15:05: Spy Sweeper 5.0.5.1286 started
15:05: | Start of Session, 12 July 2006 |
********
15:05: | End of Session, 12 July 2006 |
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
15:05: Warning: Access is denied
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
15:05: Shield States
15:05: Spyware Definitions: 716
15:04: Spy Sweeper 5.0.5.1286 started
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
15:00: Shield States
15:00: Spyware Definitions: 716
15:00: Spy Sweeper 5.0.5.1286 started
14:50: | End of Session, 12 July 2006 |
14:49: Your spyware definitions have been updated.
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
14:45: Shield States
14:45: Spyware Definitions: 691
14:44: Spy Sweeper 5.0.5.1286 started
14:44: Spy Sweeper 5.0.5.1286 started
14:44: | Start of Session, 12 July 2006 |
********

and here's the new HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 15:24:29, on 12/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspn et_admin.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
F:\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AnalogX\MaxMem\maxmem.exe
C:\Program Files\AnalogX\POW\pow.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Messenger\msmsgs.exe
F:\Henry's\Downloads\hijackthis\HijackThis.exe

O2 - BHO: (no name) - AutorunsDisabled - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [POINTER] "C:\Program Files\Microsoft Hardware\Mouse\point32.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: MaxMem.lnk = C:\Program Files\AnalogX\MaxMem\maxmem.exe
O4 - Startup: POW! (2).lnk = C:\Program Files\AnalogX\POW\pow.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - F:\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe...nttracking.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1122721408296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1146842039031
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - F:\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

Hmmm,


Let's try this, I seen some stuff in spysweeper log that could be a problem if spysweeper did not get it all.





Please download http://siri.urz.free.fr/Fix/SmitfraudFix.zip (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Please do not run any other option until asked to do so, Thanks

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm


Please post a new hijackthis log and the smitfraudfix log. Thanks.


Also...



Open Hijackthis.

Click the "Open the Misc Tools" section Button.

Click the "Open Uninstall Manager" Button.

Click the "Save list..." Button.

Save it to your desktop. Copy and paste the contents into your reply.

ok, here's my Smitfraudfix:

SmitFraudFix v2.70

Scan done at 15:41:33.57, 13/07/2006
Run from C:\Documents and Settings\henry\Desktop\sri\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\henry\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\henry\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End




Here's the HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 15:42:59, on 13/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspn et_admin.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
F:\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\AnalogX\MaxMem\maxmem.exe
C:\Program Files\AnalogX\POW\pow.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Messenger\msmsgs.exe
F:\Henry's\Downloads\hijackthis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe

O2 - BHO: (no name) - AutorunsDisabled - (no file)
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [POINTER] "C:\Program Files\Microsoft Hardware\Mouse\point32.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: MaxMem.lnk = C:\Program Files\AnalogX\MaxMem\maxmem.exe
O4 - Startup: POW! (2).lnk = C:\Program Files\AnalogX\POW\pow.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - F:\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe...nttracking.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1122721408296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1146842039031
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1A0F3F8-C9D0-4B3B-BB89-67CC469BA838}: NameServer = 195.184.228.6 195.184.228.7
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - F:\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe



and here's the uninstall list:

Ad-Aware SE Personal
Adobe Acrobat 5.0
Adware Away v3.0.2
AnalogX MaxMem
AnalogX POW!
Belkin Bluetooth Software
CC_ccStart
ccCommon
CCleaner (remove only)
Conexant USB HCF V.90 Data,Fax,Voice Modem
Creative Jukebox Driver
Creative MediaSource
DivX
DivX Player
Dynomite Deluxe 2.56k
EA.com Update
English Superpack
ewido anti-spyware 4.0
Football Manager 2005
Football Manager 2005 Update Build 1.0
HCF V9x Data Fax Voice USB Modem
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows XP (KB896344)
hp deskjet 940c series (Remove only)
Java 2 Runtime Environment, SE v1.4.2_06
Kazaa Lite K++ v2.4.3
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Beta
Microsoft Office XP Professional with FrontPage
Microsoft Windows Journal Viewer
Motion Director
MSN Messenger 7.0
MSRedist
NHL 2002
NOMAD MuVo NX
Norton AntiVirus
Norton AntiVirus Parent MSI
Norton CleanSweep
Norton Password Manager
Norton SystemWorks 2004
Norton SystemWorks 2004 (Symantec Corporation)
Norton Utilities
Norton WMI Update
NSW_DRM_COLLECTION
NVIDIA Display Driver
NVIDIA Drivers
PowerDVD
QuickTime
RealPlayer
Registrar Registry Manager 4.04
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Shrek 2
SpeedTouch USB Software
Spy Sweeper
Spybot - Search & Destroy 1.3
Symantec Script Blocking Installer
SymNet
Tiscali
Ulead Photo Explorer 8.0 SE Basic
Ulead VideoStudio 7 SE DVD
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB900930)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB912945)
VIA Audio Driver Setup Program
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Connect
Windows Media Connect
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
ZoneAlarm
ZyXEL USB ADSL

thanks again.

Spysweeper cleaned it looks like nothing showing in latest tool.




Go to start >run and type: services.msc and click OK
Scroll down in that list and look if the following services are present:

Network Security Service (NSS)
Remote Procedure Call (RPC) Helper
Workstation NetLogon Service

Please make sure it is exactly the same written as above, because there are also legit services that look very much the same as the ones above, so please choose the right one!! For example, there's also a legit service called Remote Procedure Call (RPC), without the word Helper in it. That is a good one, so please don't select that one.

Doubleclick on the service(s). In the window that will appear, click on "Stop" (if not greyed out) and change the Startup Type to disabled.
Click apply and OK and close all open windows.



1. Please download dllcompare (A scanner to locate hidden DLL files) from this locations:
DLLCompare
2. When you execute dllcompare.exe, by default the c:\windows\system32 is selected. This can be changed to scan you entire computer for any file type - Simply select the path and check off the box labelled "Include SubDirectories"
3. Click on "Locate.com" and allow the scan to complete.
4. After the scan has finished click on "Compare" to scan for the files that Windows does not see. This step will take a few minutes to run.
5. If the box at the bottom of the screen contains any files, these are the ones that are hidden - Click on "Make a Log of what was Found".
6. When prompted to "View Log File" click on "Yes".
7. Notepad will open with the log file contents.
8. In Notepad, click on "Edit" => "Select All" => "Edit" = "Copy" and post the contents as a reply to this message.

Thanks.


See if this helps:

http://www.daniweb.com/techtalkforums/thread5531.html

Or this:

http://support.microsoft.com/default...;EN-US;q320159

Or this

http://www.fjsmjs.com/IE/homepage.htm