Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HijackThis Log

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

HijackThis Log

Unread postby jthompson » January 15th, 2007, 2:21 pm

Over the past several weeks I have been getting an enormous amount of popups and problems, mainly from IE, that started with Winantiviruspro and have included many, many others. I found this site and ran the recommended virus programs including Spybot, a-squared, Trend Micro and Panda Active Scan as well as my own Norton Virus Program. After running them, the problems have persisted so I would greatly appreciate your help. Here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 12:17:44 PM, on 1/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Wireless Desktop\LgWDskTp.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... _homepage/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [LgWDskTp] C:\Program Files\Wireless Desktop\LgWDskTp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejewe ... er_v10.cab
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am
Advertisement
Register to Remove

Unread postby Shaba » January 15th, 2007, 2:30 pm

Hi jthompson

Rename HijackThis.exe to HJT.exe and post a fresh HijackThis log, please :)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Unread postby jthompson » January 15th, 2007, 3:10 pm

I hope I did this right. Here's the new log:

Logfile of HijackThis v1.99.1
Scan saved at 1:08:55 PM, on 1/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Wireless Desktop\LgWDskTp.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... _homepage/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\vramuhpb.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {E2E64338-8202-483D-9795-30C3680A809B} - C:\WINDOWS\Config\xepnu.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [LgWDskTp] C:\Program Files\Wireless Desktop\LgWDskTp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejewe ... er_v10.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: xepnu - C:\WINDOWS\Config\xepnu.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am

Unread postby Shaba » January 16th, 2007, 9:07 am

Hi

Please download VundoFix.exe to your desktop.

  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Unread postby jthompson » January 16th, 2007, 11:45 am

First off I'd like to say thanks again for your help. Here is the Vundo Fix txt file:

VundoFix V6.3.2

Checking Java version...

Java version is 1.5.0.5

Java version is 1.5.0.6

Java version is 1.5.0.9

Scan started at 9:17:05 AM 1/16/2007

Listing files found while scanning....

C:\WINDOWS\Config\unpex.bak1
C:\WINDOWS\Config\unpex.bak2
C:\WINDOWS\Config\unpex.ini
C:\WINDOWS\Config\unpex.ini2
C:\WINDOWS\Config\unpex.tmp
C:\WINDOWS\Config\xepnu.dll
C:\WINDOWS\system32\bjsrwjck.dll
C:\WINDOWS\system32\comfclgu.dll
C:\WINDOWS\system32\coriydcc.dll
C:\WINDOWS\system32\dsbmuvbv.dll
C:\WINDOWS\system32\egahkseh.dll
C:\WINDOWS\system32\ftgsosui.dll
C:\WINDOWS\system32\fxikfvoh.dll
C:\WINDOWS\system32\glvnghpa.dll
C:\WINDOWS\system32\gpupghni.dll
C:\WINDOWS\system32\hactalio.dll
C:\WINDOWS\system32\kdhjofel.dll
C:\WINDOWS\system32\kduhfkdc.dll
C:\WINDOWS\system32\klppbkec.dll
C:\WINDOWS\system32\ldcxpqug.dll
C:\WINDOWS\system32\lpmcugju.dll
C:\WINDOWS\system32\lvgishvo.dll
C:\WINDOWS\system32\mtadrhiy.dll
C:\WINDOWS\system32\oxdvaauc.dll
C:\WINDOWS\system32\oyerjfcq.dll
C:\WINDOWS\system32\pbwkxayd.dll
C:\WINDOWS\system32\sjkyhjuj.dll
C:\WINDOWS\system32\srycpvog.dll
C:\WINDOWS\system32\thpprjme.dll
C:\WINDOWS\system32\ufxbevqf.dll
C:\WINDOWS\system32\ugkyxixj.dll
C:\WINDOWS\system32\ulcovqfs.dll
C:\WINDOWS\system32\urfxmiuj.dll
C:\WINDOWS\system32\usaoyngi.dll
C:\WINDOWS\system32\vgsiqrwp.dll
C:\WINDOWS\system32\vramuhpb.dll
C:\WINDOWS\system32\vwlivxfa.dll
C:\WINDOWS\system32\xlkpdoxy.dll
C:\WINDOWS\system32\xloesafs.dll

Beginning removal...

Attempting to delete C:\WINDOWS\Config\unpex.bak1
C:\WINDOWS\Config\unpex.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\Config\unpex.bak2
C:\WINDOWS\Config\unpex.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\Config\unpex.ini
C:\WINDOWS\Config\unpex.ini Has been deleted!

Attempting to delete C:\WINDOWS\Config\unpex.ini2
C:\WINDOWS\Config\unpex.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\Config\unpex.tmp
C:\WINDOWS\Config\unpex.tmp Has been deleted!

Attempting to delete C:\WINDOWS\Config\xepnu.dll
C:\WINDOWS\Config\xepnu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bjsrwjck.dll
C:\WINDOWS\system32\bjsrwjck.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\comfclgu.dll
C:\WINDOWS\system32\comfclgu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\coriydcc.dll
C:\WINDOWS\system32\coriydcc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\dsbmuvbv.dll
C:\WINDOWS\system32\dsbmuvbv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\egahkseh.dll
C:\WINDOWS\system32\egahkseh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ftgsosui.dll
C:\WINDOWS\system32\ftgsosui.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fxikfvoh.dll
C:\WINDOWS\system32\fxikfvoh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\glvnghpa.dll
C:\WINDOWS\system32\glvnghpa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hactalio.dll
C:\WINDOWS\system32\hactalio.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kdhjofel.dll
C:\WINDOWS\system32\kdhjofel.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kduhfkdc.dll
C:\WINDOWS\system32\kduhfkdc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\klppbkec.dll
C:\WINDOWS\system32\klppbkec.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ldcxpqug.dll
C:\WINDOWS\system32\ldcxpqug.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lpmcugju.dll
C:\WINDOWS\system32\lpmcugju.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lvgishvo.dll
C:\WINDOWS\system32\lvgishvo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mtadrhiy.dll
C:\WINDOWS\system32\mtadrhiy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oxdvaauc.dll
C:\WINDOWS\system32\oxdvaauc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oyerjfcq.dll
C:\WINDOWS\system32\oyerjfcq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pbwkxayd.dll
C:\WINDOWS\system32\pbwkxayd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sjkyhjuj.dll
C:\WINDOWS\system32\sjkyhjuj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\srycpvog.dll
C:\WINDOWS\system32\srycpvog.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\thpprjme.dll
C:\WINDOWS\system32\thpprjme.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ufxbevqf.dll
C:\WINDOWS\system32\ufxbevqf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ugkyxixj.dll
C:\WINDOWS\system32\ugkyxixj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ulcovqfs.dll
C:\WINDOWS\system32\ulcovqfs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urfxmiuj.dll
C:\WINDOWS\system32\urfxmiuj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\usaoyngi.dll
C:\WINDOWS\system32\usaoyngi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vgsiqrwp.dll
C:\WINDOWS\system32\vgsiqrwp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vramuhpb.dll
C:\WINDOWS\system32\vramuhpb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vwlivxfa.dll
C:\WINDOWS\system32\vwlivxfa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xlkpdoxy.dll
C:\WINDOWS\system32\xlkpdoxy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xloesafs.dll
C:\WINDOWS\system32\xloesafs.dll Has been deleted!

Performing Repairs to the registry.
Done!

And here is the new HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 9:42:14 AM, on 1/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Wireless Desktop\LgWDskTp.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HijackThis\HJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... _homepage/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\vramuhpb.dll (file missing)
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {E2E64338-8202-483D-9795-30C3680A809B} - C:\WINDOWS\Config\xepnu.dll (file missing)
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [LgWDskTp] C:\Program Files\Wireless Desktop\LgWDskTp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejewe ... er_v10.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am

Unread postby Shaba » January 16th, 2007, 11:51 am

Hi

Looking better :)

I recommend to uninstall Viewpoint Manager from add/remove programs because it's totally useless and resource hog.

Uninstall also these java versions:

1.5.0.5
1.5.0.6
1.5.0.9

Open HijackThis, click do a system scan only and checkmark these:

O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\vramuhpb.dll (file missing)
O2 - BHO: (no name) - {E2E64338-8202-483D-9795-30C3680A809B} - C:\WINDOWS\Config\xepnu.dll (file missing)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bejewe ... er_v10.cab


Close all windows including browser and press fix checked.

Reboot

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:

    o Scan using the following Anti-Virus database:

    + Extended (If available otherwise Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases

  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Send:

- a fresh HijackThis log
- kaspersky report
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Unread postby jthompson » January 16th, 2007, 3:48 pm

The Kaspersky scan finally finished so here is the new HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 1:47:07 PM, on 1/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Wireless Desktop\LgWDskTp.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... _homepage/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [LgWDskTp] C:\Program Files\Wireless Desktop\LgWDskTp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

And the Kaspersky results txt file:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, January 16, 2007 1:45:48 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 16/01/2007
Kaspersky Anti-Virus database records: 258914
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Scan Statistics:
Total number of scanned objects: 152997
Number of viruses found: 18
Number of infected objects: 223 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:05:15

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\MtData.ldb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\MtData.mdb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.ldf Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.mdf Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-01-16_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01E21EC5.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\02EE119F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\031A0382.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\064A6AE4.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\065468D9.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08481640.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A882A72.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A8D2E58.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\12152907.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\12292116.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\12B2085A.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13330559.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13712314.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1438722C.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14653DFA.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\146C11F3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1677366D.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\183D2D24.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\185E5100.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19D52601.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1ADF028C.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1AE90081.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1CAB7F73.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1CBC5161.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1F843194.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1F8C55A0.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\269329E1.dll Infected: Trojan.Win32.BHO.o skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\26CF10B1.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\274F4032.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27616C0A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\284D566D.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2A0562D3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2B6011B8.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2E6D5EB3.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30EB0C02.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30FB5DF0.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31044947.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\310B2FDE.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32D8369D.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33A037C1.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33D037BA.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3407017D.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34CC5C54.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\356C0271.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35760066.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\35D95178.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\372B7BC0.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\374975A0.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3799705A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37A26E50.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3C2D4D75.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3C526B60.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43E31015.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45007043.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4521141F.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45FB5F21.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\46080713.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\462356F6.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4803599F.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4DB67611.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\512C74BC.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51684265.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\582B50D7.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\58F13938.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\58F53347.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\609172BD.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61724260.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6193663C.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\62A15105.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\62BC20E8.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\62D670CC.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\64A94B83.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\651B1334.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65B77287.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\65D81663.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\66D557CA.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\66DB2BC3.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\686476B4.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\68ED49C9.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\68F747BF.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6DE1687C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6DF20A7C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\74313480.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\74345E7C.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\759D7F15.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\76D42F26.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\76EE7F09.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\779F283A.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\79C41C98.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F107926.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F2D7306.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F4B6CE5.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_3831707727_4849664_62044 Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE2.tmp Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{DF9CCFA1-896A-4434-919D-BEB40FB6FA87}.TmpSBE Object is locked skipped
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp Object is locked skipped
C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\cert8.db Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\flashgot.log Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\history.dat Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\key3.db Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\parent.lock Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\search.sqlite Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\JRod\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Temp\Perflib_Perfdata_4ac.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\JRod\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\JRod\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\master.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\model.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\modellog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\templog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\LOG\ERRORLOG Object is locked skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.62 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0565NAV~.TMP Object is locked skipped
C:\Program Files\xSetup Filesx\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Program Files\xSetup Filesx\mirc616.exe mIRC: infected - 1 skipped
C:\Program Files\xSetup Filesx\mirc62.exe/stream/data0006 Infected: not-a-virus:Client-IRC.Win32.mIRC.62 skipped
C:\Program Files\xSetup Filesx\mirc62.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.62 skipped
C:\Program Files\xSetup Filesx\mirc62.exe NSIS: infected - 2 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039474.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039475.dll Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039481.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039482.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039483.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039484.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039485.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039486.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039487.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039488.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039489.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039490.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039491.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039492.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039493.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039494.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039495.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039496.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039497.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039498.dll Infected: Packed.Win32.Klone.k skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039499.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cd skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039500.exe Infected: Trojan-Downloader.Win32.Zlob.wc skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039501.dll Infected: Trojan.Win32.Agent.vg skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039502.exe Infected: Trojan-Clicker.Win32.Small.kx skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP463\A0040445.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP463\A0040446.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP465\A0040501.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP465\A0040502.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040637.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040638.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040639.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040640.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040641.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040642.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040643.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040644.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP474\A0042605.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP474\A0044669.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP474\A0044670.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044676.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044726.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044727.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044728.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044729.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044730.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044731.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044732.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044733.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP476\A0044856.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP477\A0044896.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP477\A0044897.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP477\A0044898.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP478\A0044923.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP478\A0044927.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP479\A0045704.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP496\A0047592.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP500\A0047778.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP502\A0047820.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP503\A0047910.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052443.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dq skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052444.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052445.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052446.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052447.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052448.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052449.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052450.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052451.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052452.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052453.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052454.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052455.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052456.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052457.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052458.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052459.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052460.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052461.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052462.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052463.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052464.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052465.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052466.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052467.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052468.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052469.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052470.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052471.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052472.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052473.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052474.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052475.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP530\change.log Object is locked skipped
C:\VundoFix Backups\bjsrwjck.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\comfclgu.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\coriydcc.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\dsbmuvbv.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\egahkseh.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\ftgsosui.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\fxikfvoh.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\glvnghpa.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\hactalio.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\kdhjofel.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\kduhfkdc.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\klppbkec.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\ldcxpqug.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\lpmcugju.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\lvgishvo.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\mtadrhiy.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\oxdvaauc.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\oyerjfcq.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\pbwkxayd.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\sjkyhjuj.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\srycpvog.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\thpprjme.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\ufxbevqf.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\ugkyxixj.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\ulcovqfs.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\urfxmiuj.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\usaoyngi.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\vgsiqrwp.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\vramuhpb.dll.bad Infected: Trojan.Win32.BHO.g skipped
C:\VundoFix Backups\vwlivxfa.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\xepnu.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.dq skipped
C:\VundoFix Backups\xlkpdoxy.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\VundoFix Backups\xloesafs.dll.bad Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_HDAUDIO SoftV92 Data Fax Modem with SmartCP.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{9C05F363-BA59-4434-89B1-286A37AC4B5C}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\JETDED6.tmp Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_9f0.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am

Unread postby Shaba » January 17th, 2007, 12:33 pm

Hi

Empty these folders:

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\
C:\VundoFix Backups

Empty Recycle Bin

Re-scan with kaspersky

Send:

- a fresh HijackThis log
- kaspersky report
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Unread postby jthompson » January 17th, 2007, 2:48 pm

I got the VundoFix folder emptied but the Norton Quarantine folder will not empty. It says access denied when I try to get rid of most of the contents. Is there some way to get around it or should I go ahead and do the Kaspersky scan/HijackThis log anyway?
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am

Unread postby Shaba » January 17th, 2007, 2:49 pm

Hi

Empty it then in safe mode, please :)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Unread postby jthompson » January 17th, 2007, 3:33 pm

I may be showing my complete ineptness here, but I don't know how to empty a folder in safe mode. I would appreciate any help in doing so. Thanks!
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am

Unread postby Shaba » January 18th, 2007, 4:09 am

Hi

First boot in safe mode, info

Then empty that folder and empty recycle bin.

Reboot and scan with kaspersky.

Success this time?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Unread postby jthompson » January 18th, 2007, 10:41 am

Ok, I finally got everything to work, and below are the new HijackThis log and a fresh Kaspersky scan results. But, when I finished emptying the folders and rebooted my Norton gave me a message saying, 'Norton Antivirus 2006 does not support the repair feature, please uninstall and reinstall.' I can do that just fine, but I just wanted to point that out in case there was some other problem or something you could instruct me in to fix it easier/faster. So, here's the new HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 8:40:46 AM, on 1/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Wireless Desktop\LgWDskTp.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... _homepage/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [LgWDskTp] C:\Program Files\Wireless Desktop\LgWDskTp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

And here is the Kaspersky scan file:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, January 18, 2007 8:39:38 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 18/01/2007
Kaspersky Anti-Virus database records: 259338
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Scan Statistics:
Total number of scanned objects: 143024
Number of viruses found: 18
Number of infected objects: 190 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:09:26

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\MtData.ldb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\MtData.mdb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.ldf Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.mdf Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-01-18_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_3831707727_524288_10025 Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE2.tmp Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{82ACDE01-FF1A-4AF1-9EB6-D909FAA69A6E}.TmpSBE Object is locked skipped
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp Object is locked skipped
C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\cert8.db Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\flashgot.log Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\history.dat Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\key3.db Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\parent.lock Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\search.sqlite Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\JRod\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\JRod\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Application Data\Mozilla\Firefox\Profiles\82o9t9ry.Jarrod\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Temp\Perflib_Perfdata_8ec.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\JRod\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\JRod\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\JRod\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\master.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\model.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\modellog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\templog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\LOG\ERRORLOG Object is locked skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.62 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0255NAV~.TMP Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0260NAV~.TMP Object is locked skipped
C:\Program Files\xSetup Filesx\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Program Files\xSetup Filesx\mirc616.exe mIRC: infected - 1 skipped
C:\Program Files\xSetup Filesx\mirc62.exe/stream/data0006 Infected: not-a-virus:Client-IRC.Win32.mIRC.62 skipped
C:\Program Files\xSetup Filesx\mirc62.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.62 skipped
C:\Program Files\xSetup Filesx\mirc62.exe NSIS: infected - 2 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039474.exe Infected: not-a-virus:AdWare.Win32.180Solutions skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039475.dll Infected: not-a-virus:AdWare.Win32.NavExcel.d skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039481.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039482.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039483.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039484.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039485.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039486.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039487.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039488.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039489.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039490.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039491.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039492.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039493.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039494.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039495.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039496.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039497.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039498.dll Infected: Packed.Win32.Klone.k skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039499.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.cd skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039500.exe Infected: Trojan-Downloader.Win32.Zlob.wc skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039501.dll Infected: Trojan.Win32.Agent.vg skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP459\A0039502.exe Infected: Trojan-Clicker.Win32.Small.kx skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP463\A0040445.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP463\A0040446.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP465\A0040501.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP465\A0040502.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040637.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040638.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040639.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040640.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040641.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040642.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040643.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP468\A0040644.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP474\A0042605.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP474\A0044669.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP474\A0044670.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044676.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044726.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044727.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044728.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044729.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044730.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044731.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044732.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP475\A0044733.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP476\A0044856.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP477\A0044896.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP477\A0044897.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP477\A0044898.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP478\A0044923.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP478\A0044927.dll Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP479\A0045704.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP496\A0047592.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP500\A0047778.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP502\A0047820.exe Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP503\A0047910.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052443.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dq skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052444.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052445.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052446.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052447.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052448.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052449.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052450.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052451.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052452.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052453.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052454.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052455.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052456.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052457.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052458.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052459.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052460.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052461.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052462.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052463.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052464.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052465.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052466.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052467.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052468.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052469.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052470.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052471.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052472.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052473.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052474.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP527\A0052475.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053887.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053888.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053889.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053890.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053891.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053892.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053893.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053894.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053895.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053896.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053897.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053898.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053900.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053901.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053902.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053903.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053904.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053905.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053906.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053907.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053908.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053910.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053911.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053912.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053913.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053914.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053916.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053917.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053918.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053919.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053920.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053921.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053922.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053923.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053924.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053925.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053926.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053927.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053928.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053929.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053930.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053931.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053932.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053933.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053934.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053936.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053937.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053938.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053939.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053940.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053941.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053942.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053943.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053944.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053945.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053946.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053947.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053948.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053949.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053950.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053951.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053952.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053954.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053955.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ft skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053956.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053957.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053958.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053959.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053960.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053961.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053963.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053964.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053965.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053966.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053967.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053968.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053969.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053970.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053971.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053972.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053973.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053974.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053975.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053976.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053977.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053978.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053979.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053980.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053981.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053982.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053983.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\A0053984.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{2C0632EF-9D9A-42B9-B475-C321AD2892A9}\RP531\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_HDAUDIO SoftV92 Data Fax Modem with SmartCP.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{5C89243E-D91F-479D-BE07-5B9647C2B573}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\JETDA14.tmp Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_d7c.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am

Unread postby Shaba » January 18th, 2007, 11:43 am

Hi

Before uninstall and reinstall, try this

Did it help?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Unread postby jthompson » January 18th, 2007, 2:30 pm

I finally got everything working. I had to reinstall Norton because, after following that page, I couldn't get the problem solved. But everything is good now. Is there anything else I need to do for HijackThis or Kaspersky or any other tool?
jthompson
Regular Member
 
Posts: 19
Joined: January 15th, 2007, 10:24 am
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 301 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware