Adware?(RESOLVED)

**uncleramsay** · 29-07-2006

Hi,

I have been having a problem recently...

Every time I open Internet Explorer, I get a popup advertisement (even though I have a pop up blocker installed).

This in itself is quite annoying, but I am worried the problem may be deeper too?

I have run Norton AntiVirus and AdAware with the latest updates, and the problem is still there.

Can you help?

Here is my HijackThis log...

Logfile of HijackThis v1.99.1
Scan saved at 23:26:21, on 29/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\LogMeIn\RaMaint.exe
C:\Program Files\LogMeIn\LogMeIn.exe
c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\LogMeIn\LogMeInSystray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ipwins\ipwins.exe
C:\Program Files\Common Files\{DCE64606-0BB0-1033-0316-05040512002c}\Update.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Skype.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\PROGRA~1\COMMON~1\SSTEM~1\wucrtupd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\SYSTEM32\?ymbols\??xplore.exe
C:\Program Files\Google\Google Updater\1.1.514.27546\GoogleUpdater.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cool.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - <default> - (no file)
R3 - URLSearchHook: (no name) - {B630C63B-2DAA-207C-8A8A-5017B3855FCF} - C:\WINDOWS\system32\iuw.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [Tair] "C:\PROGRA~1\COMMON~1\SSTEM~1\wucrtupd.exe" -vt yazr
O4 - HKCU\..\Run: [Zlpiiv] C:\WINDOWS\SYSTEM32\?ymbols\??xplore.exe
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\1.1.514.27546\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/...gameloader.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/support/plugins/ebraryRdr.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - https://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?Link...04&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://dominomail.salvationarmy.org.uk/iNotes6W.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1133473732375
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europ...vex/hcImpl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...l/SymAData.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://pc.mywebexpc.com/client/v_my...ra/ieatgpc.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\LogMeIn.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

**Neal** · 30-07-2006

Welcome back,

Download and install
Ewido anti-spyware
4.0 (uninstall any previous version first).

Click the Download BUTTON. On the next page click the
Download now BUTTON.
Save and then install (Run) from the save location.
Open/Run ewido anti-spyware
Wait a few moments and Ewido should Auto update itself (note date of last
update). If it doesn't update, click the update ICON at top of
screen:
Click on the Update now LINK at the top of the window
- Click on the Start update button
- Wait for the update to download and install

**uncleramsay** · 31-07-2006

Ewido Log...

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 23:23:33 30/07/2006

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup (quarantined).
HKU\S-1-5-21-1300843200-528733203-3098348463-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\loader2.exe -> Adware.Azesearch : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ticads.exe -> Adware.Azesearch : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ticont.dll -> Adware.Azesearch : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\tisa.dll -> Adware.Azesearch : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\ttu.exe -> Adware.Azesearch : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\tu.exe -> Adware.Azesearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1300843200-528733203-3098348463-1005\Software\CashFiesta -> Adware.CashFiesta : Cleaned with backup (quarantined).
HKU\S-1-5-21-1300843200-528733203-3098348463-1005\Software\CashFiesta\Cashfiesta -> Adware.CashFiesta : Cleaned with backup (quarantined).
HKU\S-1-5-21-1300843200-528733203-3098348463-1005\Software\CashFiesta\Cashfiesta\Config -> Adware.CashFiesta : Cleaned with backup (quarantined).
HKU\S-1-5-21-1300843200-528733203-3098348463-1005\Software\CashFiesta\Cashfiesta\Install -> Adware.CashFiesta : Cleaned with backup (quarantined).
HKU\S-1-5-21-1300843200-528733203-3098348463-1005\Software\CashFiesta\Cashfiesta\Update -> Adware.CashFiesta : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Local Settings\Temp\DMSKSSRh.sys -> Backdoor.Genlot.DX : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\rdgGB2404.exe -> Dialer.GBDialer.g : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\rdgGB2405.exe -> Dialer.GBDialer.g : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Local Settings\Temp\win88.tmp.exe -> Downloader.Obfuscated.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip/Matrix.class -> Downloader.OpenStream.c : Error during cleaning.
C:\Documents and Settings\Dale\Local Settings\Temp\win7B.tmp.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip/NewSecurityClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip/NewURLClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip/NewSecurityClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip/NewURLClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip/NewSecurityClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip/NewURLClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip/NewSecurityClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip/NewURLClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-1ab62644-36c70621.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Error during cleaning.
:mozilla.30:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.79:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@aoluk.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@cneteurope.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@microsoftoffice.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@msnaccountservices.112. 2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.69:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.70:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.73:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.76:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.18:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.50:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.51:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\9vv8a6sd.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Dale\Cookies\dale@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win2A.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win4D.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup (quarantined).

::Report end

BitDefender Log...

BitDefender Online Scanner

Scan report generated at: Mon, Jul 31, 2006 - 01:50:22

Scan path: C:\;D:\;

Statistics

Time
02:22:11

Files
1083244

Folders
17944

Boot Sectors
4

Archives
14619

Packed Files
78835

Results

Identified Viruses
23

Infected Files
115

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
205

Engines Info

Virus Definitions
424240

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
39

Unpack plugins
5

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip=>NewSecurityClassLoader.class
Infected with: Trojan.Exploit.Byteverify.G

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip=>NewSecurityClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip=>NewSecurityClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip=>NewURLClassLoader.class
Infected with: Trojan.Java.Byteverify.Exploit.C

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip=>NewURLClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip=>NewURLClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-18e9b30e-1a4034c7.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip=>NewSecurityClassLoader.class
Infected with: Trojan.Exploit.Byteverify.G

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip=>NewSecurityClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip=>NewSecurityClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip=>NewURLClassLoader.class
Infected with: Trojan.Java.Byteverify.Exploit.C

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip=>NewURLClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip=>NewURLClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-47723671-60089554.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip=>NewSecurityClassLoader.class
Infected with: Trojan.Exploit.Byteverify.G

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip=>NewSecurityClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip=>NewSecurityClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip=>NewURLClassLoader.class
Infected with: Trojan.Java.Byteverify.Exploit.C

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip=>NewURLClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip=>NewURLClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-5f22f99-443bcddf.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip=>NewSecurityClassLoader.class
Infected with: Trojan.Exploit.Byteverify.G

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip=>NewSecurityClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip=>NewSecurityClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip=>NewURLClassLoader.class
Infected with: Trojan.Java.Byteverify.Exploit.C

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip=>NewURLClassLoader.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip=>NewURLClassLoader.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jav a.jar-cb66fa7-1664fac9.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-1ab62644-36c70621.zip=>Dummy.class
Infected with: Trojan.Java.Classloader.G

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-1ab62644-36c70621.zip=>Dummy.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-1ab62644-36c70621.zip=>Dummy.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-1ab62644-36c70621.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip=>Matrix.class
Infected with: Java.Trojan.Downloader.OpenStream.C

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip=>Matrix.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip=>Matrix.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip
Updated

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip=>Dummy.class
Infected with: Trojan.Java.Classloader.G

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip=>Dummy.class
Disinfection failed

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip=>Dummy.class
Deleted

C:\Documents and Settings\Dale\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv470.jar-217a6652-53f7a68b.zip
Updated

C:\Documents and Settings\Dale\Local Settings\Temp\mst79.tmp
Infected with: Trojan.Klone.D

C:\Documents and Settings\Dale\Local Settings\Temp\mst79.tmp
Disinfection failed

C:\Documents and Settings\Dale\Local Settings\Temp\mst79.tmp
Deleted

C:\Documents and Settings\Dale\Local Settings\Temp\mstCA.tmp
Infected with: Trojan.Klone.D

C:\Documents and Settings\Dale\Local Settings\Temp\mstCA.tmp
Disinfection failed

C:\Documents and Settings\Dale\Local Settings\Temp\mstCA.tmp
Deleted

C:\Documents and Settings\Dale\My Documents\Downloads\Media\Cliprexdsfree.exe=>(NSIS o)=>lzma_nsis0011
Detected with: Adware.Ncase.D

C:\Documents and Settings\Dale\My Documents\Downloads\Media\Cliprexdsfree.exe=>(NSIS o)=>lzma_nsis0011
Disinfection failed

C:\Documents and Settings\Dale\My Documents\Downloads\Media\Cliprexdsfree.exe=>(NSIS o)=>lzma_nsis0011
Deleted

C:\Documents and Settings\Dale\My Documents\Downloads\Media\Cliprexdsfree.exe=>(NSIS o)
Update failed

C:\Program Files\Norton AntiVirus\Quarantine\1E89469B.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\1E89469B.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\21CC5862.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\21CC5862.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\21E75C34.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\21E75C34.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\21E75C34.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\262C2F7B.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\262C2F7B.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\262C2F7B.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2D0D69D8.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\2D0D69D8.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2D0D69D8.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2D4B5E01.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\2D4B5E01.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\304B1B0F.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\304B1B0F.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\304B1B0F.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\309E6E22.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\309E6E22.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\309E6E22.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.htm=>(Quarantine-2)=>(JAVASCRIPT 2)
Infected with: Trojan.Exploit.Js.Cve.2005.1790.J

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.htm=>(Quarantine-2)=>(JAVASCRIPT 2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.htm=>(Quarantine-2)=>(JAVASCRIPT 2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.htm=>(Quarantine-2)
Updated

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.htm
Update failed

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31600BDE.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31CF1F63.htm=>(Quarantine-2)
Infected with: Trojan.Exploit.Js.Cve.2005.1790.J

C:\Program Files\Norton AntiVirus\Quarantine\31CF1F63.htm=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31CF1F63.htm=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31CF1F63.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\31CF1F63.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31CF1F63.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31D34960.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\31D34960.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31D34960.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Matrix.class
Infected with: Java.Trojan.Downloader.OpenStream.C

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Matrix.class
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Matrix.class
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Counter.class
Infected with: Trojan.Java.Classloader.H

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Counter.class
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Counter.class
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.G

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Parser.class
Infected with: Trojan.Java.Classloader.D

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Parser.class
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)=>Parser.class
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip=>(Quarantine-2)
Updated

C:\Program Files\Norton AntiVirus\Quarantine\31E31B4E.zip
Update failed

C:\Program Files\Norton AntiVirus\Quarantine\31E6454A.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\31E6454A.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31E96F47.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\31E96F47.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\31F04340.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\31F04340.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\325F56C5.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\325F56C5.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\325F56C5.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\327926A9.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\327926A9.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\327926A9.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\36986CAE.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\36986CAE.tmp=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\36986CAE.tmp=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\369B16AA.tmp=>(Quarantine-2)
Infected with: Trojan.Downloader.Java.Openconnection.AJ

C:\Program Files\Norton AntiVirus\Quarantine\369B16AA.tmp=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\369B16AA.tmp=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\37BA6E48.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\37BA6E48.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\37CF4DBA.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\37CF4DBA.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\37CF4DBA.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\38DB1A00.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\38DB1A00.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4056751F.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\4056751F.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4056751F.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\42E66C4C.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\42E66C4C.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\42E66C4C.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\446C55FF.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\446C55FF.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\48AD4D86.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\48AD4D86.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\48AD4D86.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\49EB04AC.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.YL

C:\Program Files\Norton AntiVirus\Quarantine\49EB04AC.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\49EB04AC.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4C7C022A.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\4C7C022A.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4C7C022A.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4DFF0990.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\4DFF0990.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\51EC68CC.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\52EA33B4.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\52EA33B4.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\52EA33B4.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\52F107AD.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\52F107AD.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\52F107AD.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\52F107AD.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\52F107AD.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\56627208.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\56627208.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\59844F42.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\59844F42.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5F1676DC.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\5F1676DC.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5F1676DC.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5F4479A3.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\5F4479A3.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5F4479A3.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5F651D7F.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\5F651D7F.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5F651D7F.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5F6B7178.htm=>(Quarantine-2)
Infected with: Exploit.JS.IFrameBO.A

C:\Program Files\Norton AntiVirus\Quarantine\5F6B7178.htm=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5F6B7178.htm=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5F6F1B75.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\5F6F1B75.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5F6F1B75.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5F8F3F51.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\5F8F3F51.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5F8F3F51.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5F96134A.htm=>(Quarantine-2)
Infected with: Trojan.Exploit.Js.Cve.2005.1790.J

C:\Program Files\Norton AntiVirus\Quarantine\5F96134A.htm=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5F96134A.htm=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\60670CB5.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\60670CB5.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\60670CB5.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\60C653FB.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\60C653FB.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\60C653FB.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\60D94FE6.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\60D94FE6.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\60D94FE6.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\60FA73C2.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\60FA73C2.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\60FD1DBE.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\60FD1DBE.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\610047BB.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\610047BB.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\616F5B40.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\616F5B40.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\616F5B40.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6173053D.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\6173053D.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6173053D.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\6173053D.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\6173053D.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\61762F39.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\61762F39.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\61795936.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\61795936.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\64AF654F.tmp=>(Quarantine-2)
Infected with: Win32.Worm.VB.DW

C:\Program Files\Norton AntiVirus\Quarantine\64AF654F.tmp=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\64AF654F.tmp=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6BAA5A27.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\6BAA5A27.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\6BAA5A27.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6BBD5611.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\6BBD5611.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6BC1000E.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\6BC1000E.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6BC42A0A.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\6BC42A0A.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\73133C01.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\73133C01.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\732375ED.htm=>(Quarantine-2)
Infected with: Exploit.JS.IFrameBO.A

C:\Program Files\Norton AntiVirus\Quarantine\732375ED.htm=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\732375ED.htm=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\732A49E6.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\732A49E6.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\732D73E2.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D

C:\Program Files\Norton AntiVirus\Quarantine\732D73E2.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\732D73E2.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\732D73E2.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\732D73E2.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\73301DDF.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify

C:\Program Files\Norton AntiVirus\Quarantine\73301DDF.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\733771D7.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C

C:\Program Files\Norton AntiVirus\Quarantine\733771D7.cla=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\734743C5.wmf=>(Quarantine-2)
Infected with: Exploit.Win32.WMF-PFV

C:\Program Files\Norton AntiVirus\Quarantine\734743C5.wmf=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\734743C5.wmf=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\74F77F9D.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.OG

C:\Program Files\Norton AntiVirus\Quarantine\74F77F9D.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\74F77F9D.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP147\A0017724.dll
Infected with: Trojan.Klone.D

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP147\A0017724.dll
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP147\A0017724.dll
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0018746.exe
Infected with: BehavesLike:Win32.ExplorerHijack

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0018746.exe
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0018746.exe
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019493.exe
Infected with: Backdoor.Genlot.IY

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019493.exe
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019493.exe
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019503.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019503.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019503.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019504.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019504.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019504.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019505.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019505.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019505.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019506.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019506.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019506.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019507.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019507.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019507.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019508.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019508.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019508.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019509.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019509.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019509.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019510.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019510.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019510.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019511.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019511.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019511.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019512.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019512.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019512.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019513.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Agent.YL

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019513.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019513.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019514.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019514.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019514.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019515.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019515.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019515.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019516.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019516.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019516.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019517.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019517.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019517.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019518.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019518.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019518.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019519.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019519.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019519.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019520.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019520.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019520.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019521.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019521.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019521.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019522.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.OG

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019522.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP151\A0019522.exe=>(Quarantine-2)
Deleted

C:\WINDOWS\SYSTEM32\tips.exe
Infected with: Trojan.Downloader.VB.MM

C:\WINDOWS\SYSTEM32\tips.exe
Disinfection failed

C:\WINDOWS\SYSTEM32\tips.exe
Deleted

C:\WINDOWS\SYSTEM32\wineij32(2).dll
Infected with: Trojan.Klone.D

C:\WINDOWS\SYSTEM32\wineij32(2).dll
Disinfection failed

C:\WINDOWS\SYSTEM32\wineij32(2).dll
Deleted

C:\WINDOWS\Temp\win77.tmp.exe
Infected with: BehavesLike:Win32.ExplorerHijack

C:\WINDOWS\Temp\win77.tmp.exe
Disinfection failed

C:\WINDOWS\Temp\win77.tmp.exe
Deleted

HijackThis Log...

Logfile of HijackThis v1.99.1
Scan saved at 07:20:24, on 31/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\LogMeIn\LogMeInSystray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Skype\Skype.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\Google\Google Updater\1.1.514.27546\GoogleUpdater.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\LogMeIn\RaMaint.exe
C:\Program Files\LogMeIn\LogMeIn.exe
c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - <default> - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2520BA45-3D97-4864-82FF-F47F951727BA} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9B053E00-78D3-47AE-B763-60FF36FF2886} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\1.1.514.27546\GoogleUpdater.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/...gameloader.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com/support/plugins/ebraryRdr.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - https://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?Link...04&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://dominomail.salvationarmy.org.uk/iNotes6W.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1133473732375
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europ...vex/hcImpl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...l/SymAData.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://pc.mywebexpc.com/client/v_my...ra/ieatgpc.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\LogMeIn.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

Thanks a lot for your help...

**Neal** · 31-07-2006

Hi, nice job,

To clean your temp folder, recycle bin, etc..please download this free tool:

CCleaner

Don't install any Toolbars, or other programs, should it ask you!Just uncheck the option of installing the Yahoo toolbar.
It will put a shortcut on your Desktop.

Before first use:
Select Options then Advanced.
UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

Click on CCleaner to start it. Then click "Run Cleaner", just use the windows tab up front by default.

Then Reboot (Exit)

Run hijackthis and click on scan button and put checks next to these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - <default> - (no file)

O2 - BHO: (no name) - {2520BA45-3D97-4864-82FF-F47F951727BA} - (no file)
O2 - BHO: (no name) - {9B053E00-78D3-47AE-B763-60FF36FF2886} - (no file)

Make sure nothing is open but hijackthis and click fix checked.

Reboot and tell me how your computer is behaving now please.

**uncleramsay** · 01-08-2006

Thanks a lot!

This has certainly done the trick!
I have no more popups now. Are you happy that my system is clean and there is no malware running in the background?

How do you learn to understand the HijackThis logfiles etc? - I would love to be as knowledgable as you are with all this stuff!!

Thanks again

**Neal** · 01-08-2006

HI,

I went thru a schooling process and some things were self taught.

You need to clear your sun java cache and here is how:

http://www.java.com/en/download/help/5000020300.xml

There is a new version of sunjava out now so getting that would help in security issues also.

If you are no longer having any more trouble here is some preventative measures for you.

Be sure to re-hide hidden files/folders if you were asked to unhide them

Here are some preventive measures you can take to keep your computer from getting infected again. also keep all these and Ad-awareSE and SpybotS&D updated.

http://www.d-a-l.com/help/showthread.php?t=32403

Flush your restore points in ME and XP, by turning System Restore off and then back on.
This will create a fresh restore point.

Explained Here:
Windows XP: http://vil.nai.com/vil/SystemHelpDoc...ysRestore.aspx

Explained Here
Microsoft ME:
http://service1.symantec.com/SUPPORT...rc=sec_doc_nam

RegProtect

This small registry protection tool will save you hours of heartache by notifying you when some program good or bad is trying to access your registry.

You have the option of allowing(good) items or blocking(bad)items.

http://www.diamondcs.com.au/index.php?page=regprot

To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:

1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser.
http://v5.windowsupdate.microsoft.co....aspx?ln=en-us

http://www.microsoft.com/windows/ie/default.asp

2. Run your antivirus software regularly, and to keep its definitions up-to-date. If you are thinking about switching, there are a some good free Antivirus programs that are decent, including AVG and Avast!.
AVG: http://free.grisoft.com/doc/1

Avast: http://www.avast.com/eng/avast_4_home.html

3. In addtion to using Ad-aware consider using another free malware scanning/removal program:
Windows Defender

http://www.microsoft.com/athome/secu...e/default.mspx

4. Consider using a free firewall if you are not already using one. Some good free ones are:
Kerio
http://www.sunbelt-software.com/Kerio.cfm

OutPost Personal Firewall:
Outpost

5. Consider using an alternate free browser for general web surfing but you must use IE for windows update.
Mozilla Firefox: www.mozilla.org/products/firefox/

6. Consider increasing your browser security by using these programs:
SpywareGuard will protect your homepage from being hijacked: http://www.javacoolsoftware.com/spywareguard.html
SpywareBlaster will increase browser protection by blocking Thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:

http://www.javacoolsoftware.com/spywareblaster.html

If you use SpywareBlaster, you can also use a customblocklist to add even more entries into IE restricted sites zone. Go to this site for the current list and how to use instructions: http://customblockinglist.cjb.net/

IE-SPYAD is similar in that it adds thousands more known malware sites to IE's restricted zone. Download it here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm

Block access to Untrustworthy Sites

You can prevent your computer from visiting a myriad of untrustworthy sites and ad-servers by installing a customised hosts file. One of the best available is the: MVPS Hosts File. Simply follow the instructions to install the file in the correct location. This will not only make surfing safer but will improve website load times and block popups from many of the large ad-servers.

*Remember just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's Free

Adware?(RESOLVED)

Adware?(RESOLVED)

Similar Threads

please help cannot get rid of adware and trojans

Adware Problem(RESOLVED)

help me against adware, trojan...(RESOLVED)

Problems with ADWARE.LOP(RESOLVED)

Adware (RESOLVED)