Hello Shaba,
ComboFix seems to have removed the chinese website that always came up as the homepage. I rebooted and now it uses MSN as the homepage. So far so good.
ComboFix 08-11-13.02 - Administrator 2008-11-15 12:45:04.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.114 [GMT -5:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
* Created a new restore point
FILE ::
c:\windows\system32\drivers\iwbsv.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\iwbsv.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_IWBSV
-------\Service_iwbsv
((((((((((((((((((((((((( Files Created from 2008-10-15 to 2008-11-15 )))))))))))))))))))))))))))))))
.
2008-11-13 15:32 . 2008-11-13 15:46 345 --a------ c:\windows\gmer.ini
2008-11-12 20:42 . 2008-10-24 06:25 455,936 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 16:23 . 2008-11-12 16:23 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-10 18:04 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2008-11-08 20:48 . 2008-11-08 20:48 <DIR> d-------- c:\program files\Trend Micro
2008-11-07 23:38 . 2008-11-07 23:50 <DIR> d-------- c:\program files\Panda Security
2008-11-07 02:00 . 2008-11-07 02:00 142 --a------ c:\windows\system32\spupdsvc.inf
2008-10-22 20:59 . 2008-10-22 20:59 <DIR> d-------- c:\program files\Lavasoft
2008-10-22 20:59 . 2008-10-22 21:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-15 17:56 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-15 17:44 --------- d-----w c:\documents and settings\Administrator\Application Data\SlipStream
2008-11-14 02:10 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-07 07:02 --------- d-----w c:\program files\Norton 360
2008-10-28 02:40 --------- d-----w c:\program files\palmOne
2008-10-24 11:25 455,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-15 01:21 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-10-15 01:20 805 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2008-10-15 01:20 60,800 ----a-w c:\windows\system32\S32EVNT1.DLL
2008-10-15 01:20 123,952 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2008-10-15 01:20 10,671 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2008-10-15 01:20 --------- d-----w c:\program files\Symantec
2008-10-14 17:42 --------- d-----w c:\documents and settings\Administrator\Application Data\Symantec
2008-10-14 17:39 --------- d-----w c:\program files\Windows Sidebar
2008-10-04 06:24 --------- d-----w c:\program files\iTunes
2008-10-04 06:24 --------- d-----w c:\program files\iPod
2008-10-04 06:24 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-04 06:23 --------- d-----w c:\program files\Bonjour
2008-10-04 06:22 --------- d-----w c:\program files\QuickTime
2008-10-04 06:22 --------- d-----w c:\program files\Common Files\Apple
2008-10-04 01:38 --------- d-----w c:\program files\Apple Software Update
2008-10-01 17:01 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-22 00:01 --------- d-----w c:\program files\GameSpy Arcade
2008-09-21 23:59 --------- d-----w c:\program files\directx
2008-09-21 23:43 --------- d--h--w c:\program files\InstallShield Installation Information
2008-09-21 23:43 --------- d-----w c:\program files\Infogrames Interactive
2008-09-15 12:17 1,846,912 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:32 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-30 01:06 1,350,664 ----a-w c:\windows\system32\msxml6.dll
2008-08-29 14:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 13:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-08-26 09:08 827,904 ----a-w c:\windows\system32\wininet.dll
2007-05-04 11:13 16,384 -csha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
2007-05-04 11:13 16,384 -csha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2007-05-04 11:13 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((( snapshot_2008-11-15_ 0.56.13.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-21 01:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2008-11-15 17:53:19 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_690.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SlipStream"="c:\program files\SlipStream Web Accelerator\slipcore.exe" [2006-01-19 253952]
"BarbieGirlsTray"="c:\program files\Mattel\Barbie Girls\Mattel.BarbieGirls.Tray.exe" [2007-03-14 24576]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-05 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"nltide_3"="advpack.dll" [2008-08-26 c:\windows\system32\advpack.dll]
"IE7-11"="advpack.dll" [2008-08-26 c:\windows\system32\advpack.dll]
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
HotSync Manager.LNK - c:\program files\palmOne\HOTSYNC.EXE [2004-04-13 299008]
PowerReg Scheduler.exe [2007-10-13 233472]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Office Startup.lnk - c:\program files\Microsoft Office97\Office\OSA.EXE [1997-08-05 51984]
SlipStream.lnk - c:\program files\SlipStream Web Accelerator\slipgui.exe [2007-09-27 159744]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-11-10 28544]
R2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [2008-02-18 149352]
S3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\COH_Mon.sys [2008-01-12 23888]
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
2008-11-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-11-15 12:53:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-11-15 13:01:07 - machine was rebooted [Administrator]
ComboFix-quarantined-files.txt 2008-11-15 18:00:59
ComboFix2.txt 2008-11-15 05:56:48
ComboFix3.txt 2008-11-13 04:11:38
ComboFix4.txt 2008-11-11 22:40:05
ComboFix5.txt 2008-11-15 17:40:28
Pre-Run: 57,832,112,128 bytes free
Post-Run: 57,873,543,168 bytes free
182 --- E O F --- 2008-11-14 02:10:51
I then ran a Kaspersky virus scan from their website and the following result was logged for my computer:
Saturday, November 15, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, November 14, 2008 20:14:58
Records in database: 1385149
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
Scan statistics
Files scanned 81284
Threat name 26
Infected objects 94
Suspicious objects 1
Duration of the scan 01:50:32
File name Threat name Threats count
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0692324B Suspicious: Exploit.HTML.Iframe.FileDownload 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0692324B Infected: Email-Worm.Win32.NetSky.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10917CA2 Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\193764DC Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\195E5CB0 Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1A4A6F38.htm Infected: Exploit.HTML.Mht 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\24B35BB3 Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\25A57EA9 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\25DB281B Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\25E2330D Infected: Email-Worm.Win32.NetSky.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\25FF75F4 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\260E3E36 Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\262019D0 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\262B3816 Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\264D659D Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\281E3E50.tmp Infected: Email-Worm.Win32.Bagle.dt 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\28795B3F Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\28BA22F7 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D053298.exe Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D095C94.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D0C0691.exe Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D0F308D.vxd Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D125A8A.srg Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D160486.dll Infected: not-a-virus:AdWare.Win32.BargainBuddy.n 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D6362CC.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.n 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D670CC9.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.n 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D695EFC.exe Infected: not-a-virus:Porn-Dialer.Win32.Generic 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D6A36C5.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D6D60C1.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D700ABE.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D7434BA.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D775EB7.exe Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D7A08B3.exe Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D7D32AF.cab Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D7D32AF.exe Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D815CAC.vxd Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D8406A8.srg Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D8730A5.dll Infected: not-a-virus:AdWare.Win32.BargainBuddy.n 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2D8A5AA1.dll Infected: not-a-virus:AdWare.Win32.BargainBuddy.n 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\324066A2.dll Infected: not-a-virus:AdWare.Win32.BargainBuddy.n 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3DA6579C.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\482C2B9A.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\482F5596.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48337F93.exe Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4836298F.exe Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4839538C.cab Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4839538C.srg Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4839538C.vxd Infected: not-a-virus:AdWare.Win32.BargainBuddy.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\483D7D88.dll Infected: not-a-virus:AdWare.Win32.BargainBuddy.l 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4B084516 Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4EFF368F Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\51591781.exe Infected: Trojan-Downloader.Win32.WinShow.am 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\53687ED1 Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\539220A2 Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\53B3447E Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\53CD1461 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\53F1623A Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\54AB3B6D Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\54CF0945 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\54EC0325 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\59E34922.tmp Infected: Email-Worm.Win32.Bagle.bw 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5B1A3443 Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5B7F49D3 Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60E74CA4.exe Infected: Trojan-Downloader.Win32.Adload.a 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\69261790.jar Infected: Exploit.Java.ByteVerify 2
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\69261790.jar Infected: Trojan-Downloader.Java.OpenConnection.aa 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6967538C.exe Infected: Trojan-Downloader.Win32.Tiny.bm 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A147B5A.gif Infected: Exploit.HTML.Mht 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\72350186 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\72667751 Infected: Email-Worm.Win32.NetSky.j 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7A1761F1 Infected: Email-Worm.Win32.NetSky.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7AF832F9 Infected: Email-Worm.Win32.NetSky.q 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7B1C00D1 Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7C2B4534 Infected: Email-Worm.Win32.Bagle.au 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7E962435 Infected: Email-Worm.Win32.NetSky.d 1
C:\olddata\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FBC1414 Infected: Email-Worm.Win32.NetSky.c 1
C:\olddata\Documents and Settings\Beth Clark\Application Data\Microsoft\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Bayfraud.hn 3
C:\olddata\Documents and Settings\Beth Clark\Application Data\Microsoft\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Bankfraud.ou 1
C:\olddata\Documents and Settings\Beth Clark\Application Data\Microsoft\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Fiffraud.i 1
C:\olddata\Documents and Settings\Beth Clark\Application Data\Microsoft\Outlook Express\Mail\Sent Items.mbx Infected: Email-Worm.Win32.Magistr.a 2
C:\olddata\link.exe Infected: Trojan-Downloader.Win32.Delf.az 1
C:\olddata\WINDOWS\SimpleRegistration.dll Infected: not-a-virus:AdWare.Win32.TimeSink.d 1
C:\Program Files\Outlook Express\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Bayfraud.hn 3
C:\Program Files\Outlook Express\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Bankfraud.ou 1
C:\Program Files\Outlook Express\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Fiffraud.i 1
C:\Program Files\Outlook Express\Outlook Express\Mail\Sent Items.mbx Infected: Email-Worm.Win32.Magistr.a 2
C:\WINDOWS\system32\8LUlns.dll Infected: Trojan-Downloader.Win32.BHOSta.ck 1
C:\WINDOWS\system32\drivers\iwbsv.sys Infected: Trojan-Downloader.Win32.Agent.afif 1
The selected area was scanned.
Should I now use jotti to clean up these?
Thanks.