Well here I go again, I let my daughter use the PC to keep her intertained .
She likes playing the games at Pogo.com and now has found the pleasures of down loading music files.

I think she let a spyware or malware in on me, my I.E gets redirected to this web site(http://accountbox.com/warning/2.php ) which pops up as my new IE page when I start IE.

I tried to run a few virus scans and a adware se even tried the trojin removers.

I need help in gettting my IE back.

HJT log attatched.
Also included the KASPERSKY ONLINE SCANNER REPORT!!!


Thanks for any help,Benny

Logfile of HijackThis v1.99.1
Scan saved at 2:24:03 AM, on 7/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Documents and Settings\Owner\My Documents\Trojan Remover\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\My Documents\Trojan Remover\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.porn-info.info/?%20to%20verify%20your%20age,%20REQUIRED!%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20WARNING!%20Adult%20pictures%20are%20featured%20in%20this%20site.%20Only%20adults%20permitted%20beyond%20this%20point!%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Are%20you%20at%20least%2018%20years%20old
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R3 - URLSearchHook: (no name) - {04515EA6-0E9F-0F55-2361-67CEB0AD9BAC} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TrojanScanner] C:\Documents and Settings\Owner\My Documents\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: CallWave.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk572DIUS
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-us\msntabres.dll/229?6576f6ffc02d49628c5cb8837479e5dc
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-us\msntabres.dll/230?6576f6ffc02d49628c5cb8837479e5dc
O8 - Extra context menu item: Send Image to Photo Library - file://C:\Documents and Settings\Owner\Application Data\MGI\PhotoSuite4\Temp\MGI00000.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab40641.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) - http://mirror.worldwinner.com/games/v44/pool/pool.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames/zpa_wof.cab34501.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {C738EA53-97C2-441B-AC52-DFBC597BCBE5} (Chess Control) - http://mirror.worldwinner.com/games/v45/chess/chess.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D81CA86B-EF63-42AF-BEE3-4502D9A03C2D} (MMRadioHostX Class) - http://wwws.musicmatch.com/graphics/WebPlayer/MMLRadio.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab40641.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{279388EE-6397-4344-BC64-EBDE543CF1AA}: NameServer = 85.255.115.74,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{31ECF90D-74E8-4126-8CF4-E7AE388DA443}: NameServer = 85.255.115.74,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF564BBA-BA28-48C7-971A-324555928442}: NameServer = 209.244.0.3 209.244.0.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6C7B110-8F54-49E2-9153-B76FC5687A6E}: NameServer = 85.255.115.74,85.255.112.95
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Documents and Settings\Owner\My Documents\Trojan Remover\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\IXP000.TMP\MsiExec.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

KASPERSKY ONLINE SCANNER REPORT
Thursday, July 13, 2006 11:05:35 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 14/07/2006
Kaspersky Anti-Virus database records: 207172


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\

Scan Statistics
Total number of scanned objects 154559
Number of viruses found 39
Number of infected objects 368 / 0
Number of suspicious objects 1
Duration of the scan process 02:11:18

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\WDLog-05092006-235206.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-07-13_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{81968E2F-8E64-4C01-B9A6-72BEECC86F82}\Microsoft\Outlook Express\Launch info..dbx/[From "david & diana stowe" ][Date Mon, 1 Sep 2003 08:07:15 -0500]/UNNAMED/html Infected: Virus.JS.Fortnight.f skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{81968E2F-8E64-4C01-B9A6-72BEECC86F82}\Microsoft\Outlook Express\Launch info..dbx/[From "david & diana stowe" ][Date Mon, 1 Sep 2003 08:07:15 -0500]/UNNAMED Infected: Virus.JS.Fortnight.f skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{81968E2F-8E64-4C01-B9A6-72BEECC86F82}\Microsoft\Outlook Express\Launch info..dbx Mail MS Outlook 5: infected - 2 skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{C40E01A9-8642-45B8-90BA-E044285EA96C} Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\msn1820.fdr Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_4a4.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped
C:\Program Files\CallWave\Account2723437\IAM.exe.log Object is locked skipped
C:\Program Files\CallWave\Account2723437\IAM.exe.stt Object is locked skipped
C:\Program Files\CallWave\IAM.exe.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped
C:\Program Files\MSN\MSNCoreFiles\market.mar Object is locked skipped
C:\Program Files\MSN\MSNCoreFiles\themedef.mar Object is locked skipped
C:\Program Files\MSN\MSNCoreFiles\ui.mar Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\AVApp.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\AVError.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00AC49A7 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00B461A0.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\01270EDC Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\014F375E.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\01AB199E Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0206249A.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\02A91CD1.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\02AB6996 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\036A3324 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03A16B5B.htm Infected: Trojan-Downloader.JS.gen skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03A70C9F.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03AB369B.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03AB369B.exe Infected: Trojan-Downloader.Win32.CWS.gen skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03C43E9D.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03D5108B.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03DE0E81.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\041B23FA.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\04A90986 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0505152C.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05A8597E Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05D00447 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05ED3A4C.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\063957CF.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\07560D67.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\07593763.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0808524F Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\08244320 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\088A3927 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\088E4498 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\08D27667.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\08F02F2F Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\090623F0.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0927355C Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\09D5257D Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0AA46955 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0B7F5E2C.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BA3394D Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BBD7BE8.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0BC025E4.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0CA20945 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0CF05643 Infected: Trojan-Downloader.Win32.Agent.al skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0F9227B5 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0FAF28BF.exe Infected: Trojan-Downloader.Win32.Small.byj skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\119A4BAF Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\11EC297A.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\134A7C56.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\13B57F1E Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1411283F Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\141B7526 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14816B2D Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\154F29ED Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\161D4F3D.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\16721D2D.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\16764729.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\16C420B7.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1803673D.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\18BA1DAB Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\18D62563.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\19335132.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\197612D9.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\197C66D1.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1A640822.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1A745A10.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1B317A3B Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1C1D46B9.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CA704F8.exe Infected: Trojan-Downloader.Win32.Agent.uj skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC24D0D.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC57709.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1D985E55.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1DB65835.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1DDF230E.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E0944E0.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1F3C602F.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1FAB3124 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1FB61A71.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1FDA6FA6 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2011272C Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\20395D05.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\20C96E7F.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\21781E7E Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\21CF5E6E.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22260E9E Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\222B404A.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22486FE9.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22514C37 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23815C04.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23BC4FC4.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\245820E8.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\245E74E1.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24830227.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\25684F22.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\256E231B.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\261A1240.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\26FA41A2 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27E310D6 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\28435B53.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\284F73FF.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\28A554C7.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\28D9748D.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2957298D.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\29711E32 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2A74494B.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2A841B39.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2B2838CD.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2B3B6D23 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2BA1632A Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2BBF19FD.class Infected: Trojan-Dropper.Java.Beyond.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2C085932 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2C8E6463.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2C986258.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2CD0301E.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2CE0020C.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2CE0020C.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2CE42C09.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2DD122B7.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2E1B139E Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2E4F032F Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2E57670F.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F755A4A.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30273A9C.class Infected: Trojan.Java.ClassLoader.j skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\314C7698 Infected: Net-Worm.Win32.Dedler.u skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\314F2094 Infected: Net-Worm.Win32.Dedler.u skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3182283D.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31C045F9.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\31CA43EE.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33204122.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\332602C3.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\340B0567 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\343852AC.jar/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\343852AC.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\343852AC.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\343852AC.jar ZIP: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\343852AC.jar CryptFF: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\343C7CA8.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\353B659A Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\36CC2922 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37321F29 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37533A2F.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37981531 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38434692.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\385F2E74.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38625870.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\39974633.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\39C8079F Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\39E45B06 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3A7777C0 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AF43044 Infected: not-a-virus:AdWare.Win32.SBSoft.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B05241E.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B187E1D Infected: not-a-virus:AdWare.Win32.FindSpy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B3B05A4.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B450399.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B597F83.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B5C2980.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3B87595F.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3C5B3796 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E904EF5.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F506518.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F636102.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F6F059D.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F7008F4.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\403479F8 Infected: Trojan-Downloader.Win32.Agent.al skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\407179D0.gif Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\407179D0.htm Infected: Exploit.VBS.Phel.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\41042D01 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\41103037.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\412C31A3 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\41CE0FA6.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\425C6520 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4297663C Infected: Trojan.Win32.Starter.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\42C25B28 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\43205BBE Infected: Trojan-Dropper.Win32.Agent.arr skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4328512F Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\432A5192 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\437B0992 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\43DF7D85.class Infected: Trojan-Downloader.Java.OpenStream.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45297182 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45F17C30 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\46532D46.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\46727C47.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\47271172 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48257EFD Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48B61E77.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48E53C1E.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48E90250.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48F2640F.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48F97EC1.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\49F30875 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A250159 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A9C5B8D Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B2671BE.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B291D1F Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B2A1BBA.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4BF634F5.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4C5C6E88 Infected: Trojan-Downloader.Win32.Agent.al skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4CED2360.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4DEC211F Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4E214139 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4E521726 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4E876E9A.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4EB90D2E Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4F4550F9 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4FCE5003 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4FF21DDC Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50202C9E.jar/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50202C9E.jar/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50202C9E.jar/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50202C9E.jar ZIP: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50202C9E.jar CryptFF: infected - 3 skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50A11642.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50EF0C25.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51BC2D89 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51C37707 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\523B78B5.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\52C860E1 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\52EB76AF Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\531251C2.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53167BBF.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\534B0936.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5393121C.class Infected: Trojan.Java.ClassLoader.i skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\54137657 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\54A7762B Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\55E65577.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5623152E Infected: Trojan.Win32.Qhost skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\565231BA.class Infected: Trojan.Java.ClassLoader.k skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\566522F5 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\56A46A08.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\57983F16.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\57BC258C.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\585C5823.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\58856319 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5933533A Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\597D5D1D Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\59E35325 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5A2B1065.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5A49492D Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5B28035B.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5D027566.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5D0C735B.class Infected: Trojan-Dropper.Java.Small.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5D4E5D11 Infected: Trojan-DDoS.Win32.Boxed.w skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5D517397 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5D765E23.wmf Infected: Trojan-Downloader.Win32.Agent.acd skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5D8574F1 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5E401152.htm Suspicious: Exploit.VBS.Phel skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5ED50F4A.htm Infected: Trojan-Downloader.JS.Small.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5EF05572 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5F0D7312 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5F524E10.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5FA172E6 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\601C6A13 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\601F140F Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60223E0B Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60256808 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60291204 Infected: Trojan-Downloader.Win32.Agent.bq skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\602C3C01 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\602F65FD Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60307069.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60320FFA Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\603639F6 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\603963F2 Infected: Trojan-Downloader.Win32.Agent.al skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\603C0DEF Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\603F37EB Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\604361E8 Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60460BE4 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\604935E0 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\604D5FDD Infected: Trojan-Downloader.Win32.Agent.ap skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\605009D9 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\605333D6 Infected: Trojan-Downloader.Win32.Agent.an skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60565DD2 Infected: Trojan-

Run HJT and check the following.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.porn-info.info/?%20to%20ve...%20years%20old
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R3 - URLSearchHook: (no name) - {04515EA6-0E9F-0F55-2361-67CEB0AD9BAC} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZNxmk572DIUS
Close all other windows and click fix checked.

I see you have Ewido but im not sure if it is up to date so im giving you the instructions for the most current Ewido scanner.

Please download and install ewido anti-spyware tool

  • Close all other Applications Select language click Ok
  • Click I Agree
  • Click next
  • Click Install
  • Click Finish
  • Wait Ewido will open main screen automatically.
  • Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
  • This in very important to get updates
  • When updating has finished. Close Ewido.

If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.

  • Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear use arrow up to highlight
  • Select the first option, to run Windows in Safe Mode hit enter.
  • For additional help in booting into Safe Mode, see the following site: HERE

    You MUST manage to get into Safe Mode for the fix to work.

Make sure to close all open windows/programs/folders. Have nothing else open while ewido performs its scan!

  • Open Ewido
  • Click on scanner top of Ewido sceen
  • Click on Settings
  • Under How to Act click on Recommended Action choose Quarantine
  • Under How to scan all boxes should be selected
  • Under Possibly unwanted software all boxes should be selected
  • On right side under Reports: click on Automatically generate report after every scan.
  • Under What to scan select scan every file
  • Click On scan Tab
  • Click on Complete system scan
  • Let the program scan the machine It can take awhile give it time.
  • When scan has finished At bottom of screen click Apply all Actions
  • Click Save report
  • Click Save Report as (Save as window's screen should pop up.)
  • Click desktop
  • Click Save
  • Exit ewido

Reboot back to normal mode

Post a new HJT log along with the Ewido log.
BTW-that kaspersky report was useless all it found where the quaritine files for norton.

[Note from DMR:
Hey folks- I found this post wandering around all lost and alone in a separate thread, so I thought I'd bring it back here to its family. :D]


Ok, i did the repairs listed in my last post, here are the latest HJT and ewido reports.


Thanks,Benny

Logfile of HijackThis v1.99.1
Scan saved at 5:35:46 PM, on 7/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\My Documents\Trojan Remover\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TrojanScanner] C:\Documents and Settings\Owner\My Documents\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: CallWave.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-us\msntb.dll/search.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-us\msntabres.dll/229?6576f6ffc02d49628c5cb8837479e5dc
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-us\msntabres.dll/230?6576f6ffc02d49628c5cb8837479e5dc
O8 - Extra context menu item: Send Image to Photo Library - file://C:\Documents and Settings\Owner\Application Data\MGI\PhotoSuite4\Temp\MGI00000.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab40641.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) - http://mirror.worldwinner.com/games/v44/pool/pool.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10...y.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab32846.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/B...1/axofupld.cab
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames...f.cab34501.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {C738EA53-97C2-441B-AC52-DFBC597BCBE5} (Chess Control) - http://mirror.worldwinner.com/games/v45/chess/chess.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.cab
O16 - DPF: {D81CA86B-EF63-42AF-BEE3-4502D9A03C2D} (MMRadioHostX Class) - http://wwws.musicmatch.com/graphics/...r/MMLRadio.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10...y.cab41227.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames...A.cab40641.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{279388EE-6397-4344-BC64-EBDE543CF1AA}: NameServer = 85.255.115.74,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{31ECF90D-74E8-4126-8CF4-E7AE388DA443}: NameServer = 85.255.115.74,85.255.112.95
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF564BBA-BA28-48C7-971A-324555928442}: NameServer = 209.244.0.3 209.244.0.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6C7B110-8F54-49E2-9153-B76FC5687A6E}: NameServer = 85.255.115.74,85.255.112.95
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Documents and Settings\Owner\My Documents\Trojan Remover\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\IXP000.TMP\MsiExec.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:07:42 AM 7/17/2006

+ Scan result:

C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Cookies\owner@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).


::Report end

Thanks, didn't realize I should have kept it all together in one post.

Benny

Thats ok are you still having problems.

Also do you know what the following are?

Level 3 Communications, Inc.

RIPE Network Coordination Centre

If you dont go to HJT and check all of the entries that have 017
behind them.
Close all other windows and click fix checked.

Also do you know what the following are?

Level 3 Communications, Inc.

RIPE Network Coordination Centre

If you dont go to HJT and check all of the entries that have 017
behind them.
Close all other windows and click fix checked.

Info on RIPE: "The RIPE NCC is one of five Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and co-ordination activities that support the operation of the Internet globally."

However, addresses assigned by RIPE may belong to malicious domains, and that's true in this case: the entire IP address range of 85.255.112.0 - 85.255.127.255 is owned by the fine folks who bring us the Smitfraud/SpyWareQuake/SpyAxe/SpySheriff infections. Any time you see an 017 HJT log entry containing a 85.255. IP, it should be fixed and the system should be checked for the above-mentioned infections if that hasn't already been done.

Level3 is a legit network service provider; the 209.244.0.3 and 209.244.0.4 IP addresses belong to Level3's (legit) DNS servers.

kylethedarkn,

We were getting way off-topic with our pageview troubleshooting posts here, so I've pulled them and added them to a thread regarding the problem which we currently have going here:

http://www.daniweb.com/techtalkforums/post236242.html#post236242

Let's keep hunting the problem down in that thread...


-

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.