As I mentioned, these legitimate files have been modified by the malware but are now harmless, however it looks like your antivirus program is detecting them so you won't be able to use them as-is and reinstallation will be required.
I have posted instructions below to quarantine the files in question which I recommend you follow, this should stop your antivirus complaining but the functions provided by the programs will also stop. The most important ones I can see on the list is your Veritas backup software, and tfswctrl.exe
- this helps your CD/DVD drive work correctly.
to your desktop and double-click the program to start it.
Select the contents of the below file list, then press Ctrl+C
to copy it to the clipboard
In OTMoveIt, click in the left-hand pane and press Ctrl+V
to paste the file-list into the program
Then, press MoveIt!
If the program asks you to reboot now, click No
Copy the Results
output and paste it into a new notepad file so you can post it in your next response. Do this by clicking in the right-hand pane, press Ctrl-A
to select all and copy. Then open Notepad, press Ctrl-V
to paste in the text, and save this text file to your desktop.OTMoveIt file list:
Then reboot your computer to complete the removals.
- Code: Select all
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\MSN Messenger\MsnMsgr.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
something is trying to access te internet but I do not noe if it is a virus. Oh, and its not in your list.
Does Norton tell you the name of the process which is trying to gain access?
Once complete, please post the OTMoveIt report along with a new HijackThis log.