Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

fake windows security warning

Started by syb388 , Nov 01 2006 12:41 PM

Please log in to reply

#16
syb388

Posted 03 November 2006 - 12:26 AM

Member

Topic Starter
Member
88 posts

I scanned again with F-secure online scanner it found another virus, below are the results-thanks

Scanning Report
Friday, November 03, 2006 00:28:25 - 01:23:46
Computer name: SYBMEISTER
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\

--------------------------------------------------------------------------------

Result: 1 malware found
W32/DLoader.AMSO (virus)
C:\PROGRAM FILES\DIGSTREAM\DIGSTREAM.EXE (Submitted)

--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 32062
System: 5341
Not scanned: 10
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
None: 1
Submitted: 1
Files not scanned:
C:\GOBACKIO.BIN
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SOFTWAREDISTRIBUTION\EVENTCACHE\{EA704E33-8552-4CDA-9630-1239E7E0955D}.BIN
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCRST.DLL
C:\DOCUMENTS AND SETTINGS\SHOLOM\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS DEFENDER\FILETRACKER\{A0104796-C6F0-4D91-842B-398121A25422}
C:\DOCUMENTS AND SETTINGS\SHOLOM\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\543B6B36FE39\DBDAM
C:\DOCUMENTS AND SETTINGS\SHOLOM\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP\543B6B36FE39\HP
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3AD391678A806EC4D691E83AAA393B6F_24ADF822-76F7-4481-B30B-FF1B40F8687F

--------------------------------------------------------------------------------

Options
Scanning engines:
F-Secure AVP: 6.0.171, 2006-11-02
F-Secure Libra: 2.4.1, 2006-11-02
F-Secure Orion: 1.2.37, 2006-11-02
F-Secure Blacklight: 1.0.31, 0000-00-00
F-Secure Pegasus: 1.19.0, 2006-08-29
F-Secure Draco: 1.0.35, 2006-10-31
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX
Use Advanced heuristics

#17
Wizard

Posted 03 November 2006 - 02:56 AM

Retired Staff

Retired Staff
5,661 posts

I like what I see so far! :whistling:

A nice little application to help you maintain those temp files.

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Restart the Machine and Please run the Bit Defender Online Scan
http://www.bitdefend...m/scan8/ie.html

You must use Internet Explorer for this scanner.

Install the ActiveX and Click on "Click here to Scan"

Allow it to update and Scan the Machine.

It should disinfect or delete whatever it finds that is infected.

Save the report in generates in a text format please and post it back here

#18
syb388

Posted 03 November 2006 - 05:15 AM

Member

Topic Starter
Member
88 posts

The virus signatures wont load in BitDefender. Should I still scan without?

#19
syb388

Posted 03 November 2006 - 11:03 AM

Member

Topic Starter
Member
88 posts

I tried the scan again a couple of hours later, this time it loaded succesfully, below is the log. -thanks

BitDefender Online Scanner

Scan report generated at: Fri, Nov 03, 2006 - 11:40:52

Scan path: C:\;D:\;E:\;F:\;G:\;H:\;

Statistics

Time
02:18:48

Files
544656

Folders
6679

Boot Sectors
4

Archives
5210

Packed Files
60538

Results

Identified Viruses
5

Infected Files
11

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
11

Engines Info

Virus Definitions
312288

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F9A5C8E.htm=>(Quarantine-2)
Infected with: Trojan.JS.Obsq.C

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F9A5C8E.htm=>(Quarantine-2)
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F9A5C8E.htm=>(Quarantine-2)
Deleted

C:\Documents and Settings\Sholom\My Documents\Software\EvID4226Patch223d-en.zip=>EvID4226Patch.exe
Infected with: Backdoor.Virkel.A

C:\Documents and Settings\Sholom\My Documents\Software\EvID4226Patch223d-en.zip=>EvID4226Patch.exe
Disinfection failed

C:\Documents and Settings\Sholom\My Documents\Software\EvID4226Patch223d-en.zip=>EvID4226Patch.exe
Deleted

C:\Documents and Settings\Sholom\My Documents\Software\EvID4226Patch223d-en.zip
Updated

C:\RECYCLER\NPROTECT\00009594.0LL
Infected with: Trojan.Agent.AAE

C:\RECYCLER\NPROTECT\00009594.0LL
Disinfection failed

C:\RECYCLER\NPROTECT\00009594.0LL
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)=>lzma_solid_nsis0004
Infected with: Dropped:Application.Adware.NewDotNet.A

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)=>lzma_solid_nsis0004
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)=>lzma_solid_nsis0004
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056536.exe
Infected with: Trojan.Agent.AAE

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056536.exe
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056536.exe
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056540.exe
Infected with: Trojan.Agent.AAE

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056540.exe
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056540.exe
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057084.dll
Infected with: Trojan.Agent.AAW

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057084.dll
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057084.dll
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057554.exe
Infected with: Trojan.Agent.AAE

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057554.exe
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057554.exe
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057555.exe
Infected with: Trojan.Agent.AAE

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057555.exe
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057555.exe
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP122\A0058610.dll
Infected with: Trojan.Agent.AAE

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP122\A0058610.dll
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP122\A0058610.dll
Deleted

C:\VundoFix Backups\winrkp32.dll.bad
Infected with: Trojan.Agent.AAE

C:\VundoFix Backups\winrkp32.dll.bad
Disinfection failed

C:\VundoFix Backups\winrkp32.dll.bad
Deleted

#20
Wizard

Posted 03 November 2006 - 03:09 PM

Retired Staff

Retired Staff
5,661 posts

You may want to go through this folder--> C:\Documents and Settings\Sholom\My Documents\Software

Get rid of anything you dont need or use anymore.

Go ahead and Delete--> C:\VundoFix Backups

Please Install these 2 to add to the Security of the PC

SpywareBlaster:
http://www.javacools.../downloads.html
Update Immediatly!

WinHelp2002 Hosts File
http://www.mvps.org/...2002/hosts2.htm

How does the PC seem to be acting today?

#21
syb388

Posted 04 November 2006 - 11:37 PM

Member

Topic Starter
Member
88 posts

I sifted through the folder and deleted a couple of apps, I also installed the two apps you suggested. I ran Bitdefender and it found a couple of viruses (below is the log), but I didnt notice any strange behavior, My computer seems to be running just fine. - Thanks

BitDefender Online Scanner

Scan report generated at: Sun, Nov 05, 2006 - 00:16:25

Scan path: C:\;D:\;E:\;F:\;G:\;H:\;

Statistics

Time
02:38:06

Files
552983

Folders
6708

Boot Sectors
4

Archives
5927

Packed Files
60574

Results

Identified Viruses
2

Infected Files
2

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
2

Engines Info

Virus Definitions
312597

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F9A5C8E.htm=>(Quarantine-2)
Infected with: Trojan.JS.Obsq.C

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F9A5C8E.htm=>(Quarantine-2)
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7F9A5C8E.htm=>(Quarantine-2)
Deleted

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Crumbles.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Fragment layers.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Honeycomb (10%).psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Mezzo effect.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Pentagons (10%).psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Random strokes(25%).psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Rectangular tiles (10%).psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Schnable Effect.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Streaks pattern.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Displacement Maps\Twirl pattern.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Effects\Filter Gallery.8bf
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Extensions\FastCore.8BX
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Extensions\MMXCore.8BX
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Extensions\MultiProcessor Support.8BX
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\BMP.8BI
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\FilmStrip.8BI
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\PCX.8BI
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\Photo CD.8BI
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\Pixar.8BI
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\Targa.8BI
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Average.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Clouds.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Color Halftone.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Crystallize.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\De-Interlace.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Displace.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Extrude.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Fibers.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lens Flare.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\2 O'clock Spotlight
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Blue Omni
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Circle of Light
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Crossing
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Crossing Down
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Default
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Five Lights Down
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Five Lights Up
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Flashlight
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Flood Light
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Parallel Directional
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\RGB Lights
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Soft Direct Lights
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Soft Omni
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Soft Spotlight
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Three Down
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Lighting Styles\Triple Spotlight
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\LightingEffects.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Liquify.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Mezzotint.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\NTSC Colors.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Pinch.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Pointillize.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Polar Coordinates.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Radial Blur.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Ripple.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Shear.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Smart Blur.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Solarize.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Spherize.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Tiles.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Twirl.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Variations.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Wave.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\Wind.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Filters\ZigZag.8BF
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Import-Export\Twain_32.8BA
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\Parser\EPS Parser.8BY
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Plugin.dll
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Adobe Photoshop Only\Basic Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Adobe Photoshop Only\Dry Media Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Adobe Photoshop Only\Special Effect Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Adobe Photoshop Only\Thick Heavy Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Adobe Photoshop Only\Wet Media Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Assorted Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Calligraphic Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Drop Shadow Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Faux Finish Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Natural Brushes 2.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Natural Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Brushes\Square Brushes.abr
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\ANPA Color.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\DIC Color Guide.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\FOCOLTONE.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS E Process.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS E Process.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS E.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS K Process.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS K Process.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS K.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS N Process.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS N Process.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS N.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS Z Process.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS Z Process.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\HKS Z.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE metallic coated.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE metallic coated.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE pastel coated.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE pastel coated.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE pastel uncoated.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE pastel uncoated.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE process coated.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE process coated.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE process uncoated.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE process uncoated.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE solid coated.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE solid matte.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE solid to process EURO.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE solid to process EURO.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE solid to process.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE solid to process.acb=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\PANTONE solid uncoated.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\TOYO Color Finder.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Books\TRUMATCH.acb
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\ANPA Colors.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\DIC Color Guide.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\DIC Swatch ReadMe.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\FOCOLTONE Colors.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS E Process.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS E.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS K Process.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS K.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS N Process.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS N.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS Z Process.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\HKS Z.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE metallic coated.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE pastel coated.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE pastel uncoated.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE process coated.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE process uncoated.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE solid coated.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE solid matte.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE solid to process EURO.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE solid to process.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\PANTONE solid uncoated.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\Photo Filter Colors.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\TOYO Color Finder.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Adobe Photoshop Only\TRUMATCH Colors.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Mac OS.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\VisiBone ReadMe.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\VisiBone.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\VisiBone.aco=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\VisiBone2.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\VisiBone2.aco=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Web Hues.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Web Safe Colors.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Web Spectrum.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Color Swatches\Windows.aco
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Contours\Contours.shc
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\All.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Animals.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Arrows.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Banners.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Frames.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Music.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Nature.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Objects.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Ornaments.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Shapes.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Symbols.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\TalkBubbles.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Tiles.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Custom Shapes\Web.csh
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\423-1.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\423-2.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\423-3.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\424 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\424 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\424 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\424 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 7 bl 1.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 7 bl 2.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 7 bl 3.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 7 bl 4.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 9 bl 1.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 9 bl 2.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 9 bl 3.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Cool Gray 9 bl 4.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 11 bl 1.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 11 bl 2.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 11 bl 3.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 11 bl 4.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 8 bl 1.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 8 bl 2.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 8 bl 3.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Gray-Black Duotones\Warm Gray 8 bl 4.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\144 orange (25%) bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\144 orange (25%) bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\144 orange (25%) bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\144 orange (25%) bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\144 orange bl 80% shad.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\159 dk orange bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\159 dk orange bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\159 dk orange bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\159 dk orange bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\327 aqua (50%) bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\327 aqua (50%) bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\327 aqua (50%) bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\327 aqua (50%) bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\478 brown (100%) bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\478 brown (100%) bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\478 brown (100%) bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\478 brown (100%) bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\506 burgundy (75%) bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\506 burgundy (75%) bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\506 burgundy (75%) bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\506 burgundy (75%) bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\527 purple (100%) bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\527 purple (100%) bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\527 purple (100%) bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\527 purple (100%) bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 072 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 072 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 072 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 072 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 286 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 286 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 286 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\blue 286 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\brown 464 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\brown 464 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\brown 464 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\brown 464 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 3405 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 3405 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 3405 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 3405 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 349 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 349 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 349 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\green 349 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\mauve 4655 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\mauve 4655 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\mauve 4655 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\mauve 4655 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\red 485 bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\red 485 bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\red 485 bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\PANTONE® Duotones\red 485 bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\cyan bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\cyan bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\cyan bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\cyan bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\magenta bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\magenta bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\magenta bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\magenta bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\yellow bl 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\yellow bl 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\yellow bl 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Duotones\Process Duotones\yellow bl 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Gray Quadtones\Bl CG10 CG4 WmG3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Gray Quadtones\Bl CG10 WmG3 CG1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Gray Quadtones\Bl CG10 WmG4 CG3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Gray Quadtones\Bl WmG9 CG6 CG3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\PANTONE® Quadtones\Bl 430 493 557.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\PANTONE® Quadtones\Bl 431 492 556.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\PANTONE® Quadtones\Bl 541 513 5773.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\PANTONE® Quadtones\Bl 75% 50% 25%.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Process Quadtones\CMYK blue.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Process Quadtones\CMYK brown.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Process Quadtones\CMYK cool.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Process Quadtones\CMYK ext wm.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Process Quadtones\CMYK neutral.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\Quadtones\Process Quadtones\CMYK wm.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\Bl 404 WmGray 401 WmGray.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\Bl 409 WmGray 407 WmGray.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\Bl Cool Gray 10 WmGray 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\Bl WmGray 7 WmGray 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\CG9CG2-1.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\CG9CG2-2.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\CG9CG2-3.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Gray Tritones\CG9CG2-4.ADO
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\PANTONE® Tritones\Bl 165 red orange 457 brown.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\PANTONE® Tritones\Bl 172 orange 423 gray.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\PANTONE® Tritones\Bl 313 aqua 127 gold.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\PANTONE® Tritones\Bl 334 green 437 mauve.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\PANTONE® Tritones\Bl 340 green 423 gray.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\PANTONE® Tritones\Bl 437 burgundy 127 gold.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\PANTONE® Tritones\Bl 50% 25%.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BCY green 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BCY green 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BCY green 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BCY green 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMC blue 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMC blue 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMC blue 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMC blue 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY brown 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY brown 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY brown 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY brown 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY red 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY red 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY red 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY red 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY sepia 1.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY sepia 2.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY sepia 3.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Duotones\TRITONE\Process Tritones\BMY sepia 4.ado
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Color Harmonies 1.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Color Harmonies 2.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Metals.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Noise Samples.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Pastels.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Simple.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Special Effects.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Gradients\Spectrums.grd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Keyboard Shortcuts\Working with Type.kys
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\1stFiveBySevens.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\EightByTen.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FiveBySevenAndSmaller.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FiveBySevenAndThreeByFive.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FiveBySevenAndThreeByThreeH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FiveBySevenAndThreeH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FiveBySevenAndTwoByTwoH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FiveBySevenAndTwoH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FiveBySevenAndTwoHByThreeH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FourByFives.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FourByFivesAndSmaller.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FourByFivesAndTwoByTwoH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\FourByFivesAndTwoHByThreeH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\ReadMe.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\TenByThirteen.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\ThreeHByFive.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\TwoByTwo.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\TwoByTwoH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\TwoHByThreeH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\TwoHByThreeHAndTwoByTwoH.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Layouts\TwoHByThreeQ.txt
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Automation.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Basic.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Color and Tonal Correction.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Image Analysis.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Painting and Retouching.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Printing and Proofing.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Web Design.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\What's New - CS2.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Menu Customization\Working with Type.mnu
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Colors\Black & White.act
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Colors\Grayscale.act
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Colors\Mac OS.act
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Colors\Windows.act
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Output Settings\Background Image.iros
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Output Settings\Default Settings.iros
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Output Settings\XHTML.iros
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 128 Dithered.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 128 Dithered.irs=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 128 No Dither.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 128 No Dither.irs=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 32 Dithered.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 32 Dithered.irs=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 32 No Dither.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 32 No Dither.irs=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 64 Dithered.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 64 Dithered.irs=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 64 No Dither.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF 64 No Dither.irs=>REMOVED_NULLS
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\GIF Restrictive.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\JPEG High.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\JPEG Low.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\JPEG Medium.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\PNG-24.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Optimized Settings\PNG-8 128 Dithered.irs
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Brushed Metal Copper.jpg
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Brushed Metal Strong Copper.jpg
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Brushed Metal Strong.jpg
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Brushed Metal.jpg
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Bubbles.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Carpet.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Coarse Weave.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Crystals.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Denim.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Purples.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Rough.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Slate.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Stone.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Streaks.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Stucco.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Water.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Wood.psd
Clean

C:\Program Files\Adobe\Adobe Photoshop CS2\Presets\Patterns\Adobe ImageReady Only\Woven.psd
Clean

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)=>lzma_solid_nsis0004
Infected with: Dropped:Application.Adware.NewDotNet.A

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)=>lzma_solid_nsis0004
Disinfection failed

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)=>lzma_solid_nsis0004
Deleted

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe=>(NSIS o)
Update failed

#22
Wizard

Posted 05 November 2006 - 06:16 AM

Retired Staff

Retired Staff
5,661 posts

Id like to see one more scan before we call it clean,please.

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make that the following are selected:
- Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)
- Scan Options:
Scan Archives
Scan Mail Bases
Click OK
Now under select a target to scan:Select My Computer
This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post.

#23
syb388

Posted 05 November 2006 - 01:36 PM

Member

Topic Starter
Member
88 posts

Ok I ran the scan, below is the report. - Thanks

KASPERSKY ONLINE SCANNER REPORT
Sunday, November 05, 2006 2:32:16 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 5/11/2006
Kaspersky Anti-Virus database records: 238418

Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics
Total number of scanned objects 88617
Number of viruses found 7
Number of infected objects 11 / 0
Number of suspicious objects 0
Duration of the scan process 01:22:12

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_24adf822-76f7-4481-b30b-ff1b40f8687f Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-11012006-000958.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-11-05_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\index.qbs Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\B793B97C.TMP Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\EA86B536.TMP Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Sholom\Application Data\$_hpcst$.hpc Object is locked skipped

C:\Documents and Settings\Sholom\Application Data\Aim\gnjkcurd\syb388\cert8.db Object is locked skipped

C:\Documents and Settings\Sholom\Application Data\Aim\gnjkcurd\syb388\key3.db Object is locked skipped

C:\Documents and Settings\Sholom\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped

C:\Documents and Settings\Sholom\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbc2e.ht1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbdam Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbdao Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbeam Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbeao Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbm Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbu2d.ht1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbvm.cf1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\dbvmh.ht1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\fii.cf1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\fiih.ht1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\hp Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\hpt2i.ht1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\rpm.cf1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\rpm1m.cf1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\rpm1mh.ht1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Google\Google Desktop\543b6b36fe39\rpmh.ht1 Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{69E2A532-69A0-4F3C-892E-0C8D2841381E} Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{777577C9-8534-46B1-9AAB-408C3629D5CF} Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Musicmatch\Jukebox\mmjbaltlog.txt Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Musicmatch\Jukebox\mmjblog.txt Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Musicmatch\Jukebox\Portables.log Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Musicmatch\MIM\Database\Default.ldb Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Application Data\Musicmatch\MIM\Database\Default.mdb Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\History\History.IE5\MSHist012006110520061106\index.dat Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temp\JET2319.tmp Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temp\Perflib_Perfdata_734.dat Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temp\WCESLog.log Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temp\~DFA56B.tmp Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temp\~DFA58C.tmp Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temp\~DFCB3A.tmp Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temp\~DFE29B.tmp Object is locked skipped

C:\Documents and Settings\Sholom\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Sholom\My Documents\Software\malware remover tools\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\Sholom\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Sholom\ntuser.dat.LOG Object is locked skipped

C:\gobackio.bin Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped

C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped

C:\Program Files\DIGStream\digstream.exe Infected: not-a-virus:Downloader.Win32.DigStream skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped

C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.NewDotNet skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Relevant.a skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe/stream Infected: not-a-virus:AdWare.Win32.Relevant.a skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe NSIS: infected - 3 skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056869.dll Infected: Trojan.Win32.BHO.g skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057027.exe Infected: Trojan-Downloader.Win32.Zlob.atq skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057028.exe Infected: Trojan-Downloader.Win32.Zlob.atq skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057592.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057619.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.en skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP125\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt Object is locked skipped

C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{5653999F-28A8-4BE0-A464-B273C466DE53}.crmlog Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{ECB1BC25-DC3D-49C3-9EE6-B821C80B6071}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

C:\WINDOWS\system32\drivers\sptd0941.sys Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log Object is locked skipped

C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

#24
Wizard

Posted 06 November 2006 - 03:45 PM

Retired Staff

Retired Staff
5,661 posts

If you like,you can remove DIGStream from Add\Remove Programs I believe.

Can I see one last HijackThis log,please.

#25
syb388

Posted 06 November 2006 - 04:11 PM

Member

Topic Starter
Member
88 posts

What is digstream? Its not listed in my add/remove programs list. When I ran Kasparsky I didnt select any repair action, was I supposed to? Below is the Hijackthis report- Thanks

Logfile of HijackThis v1.99.1
Scan saved at 5:08:19 PM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Rhapsody\rhaphlpr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Sholom\My Documents\Software\malware remover tools\foo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\Sholom\LOCALS~1\Temp\2006116152536_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\RunOnce: [RemoveTempFilesReboot] C:\PROGRA~1\MUSICM~1\MUSICM~3\rundll32.exe C:\PROGRA~1\MUSICM~1\MUSICM~3\mminstall.dll,_ExportRemDirAndContents@16 C:\DOCUME~1\Sholom\LOCALS~1\Temp\SFX62.tmp
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.winkflash...ers/SAXFile.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.winkflash...geUploader3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDB0513B-251F-493E-BC2F-1DE1E6188310}: NameServer = 207.69.188.185,207.69.188.186
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#26
Wizard

Posted 06 November 2006 - 04:23 PM

Retired Staff

Retired Staff
5,661 posts

No worries!

C:\Program Files\DIGStream\digstream.exe Infected: not-a-virus:Downloader.Win32.DigStream skipped

Just delete the C:\Program Files\DIGStream folder.

Post back and let me know it went peacefully and tell me how the PC seems to be acting today?

#27
syb388

Posted 06 November 2006 - 04:31 PM

Member

Topic Starter
Member
88 posts

I ran the uninstall in the folder and deleted the folder. My comp seems to br running alright, mabe a little slow to respond but I cant really complain, its probably Norton eating all my cpu.

#28
Wizard

Posted 06 November 2006 - 07:42 PM

Retired Staff

Retired Staff
5,661 posts

Let me see one last HijackThis log,see if theres anything we can trim out of the Run items.

#29
syb388

Posted 06 November 2006 - 08:31 PM

Member

Topic Starter
Member
88 posts

Ok heres the log. Am I really clean despite what the Kaspersky scan showed?

Logfile of HijackThis v1.99.1
Scan saved at 9:29:12 PM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Rhapsody\rhaphlpr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Rhapsody\rhapsody.exe
C:\Documents and Settings\Sholom\My Documents\Software\malware remover tools\foo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\Sholom\LOCALS~1\Temp\2006116152536_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\RunOnce: [RemoveTempFilesReboot] C:\PROGRA~1\MUSICM~1\MUSICM~3\rundll32.exe C:\PROGRA~1\MUSICM~1\MUSICM~3\mminstall.dll,_ExportRemDirAndContents@16 C:\DOCUME~1\Sholom\LOCALS~1\Temp\SFX62.tmp
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.winkflash...ers/SAXFile.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.winkflash...geUploader3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDB0513B-251F-493E-BC2F-1DE1E6188310}: NameServer = 207.69.188.185,207.69.188.186
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#30
Wizard

Posted 07 November 2006 - 04:05 PM

Retired Staff

Retired Staff
5,661 posts

You mean all the locked items and these:

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.NewDotNet skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe/stream/data0005 Infected: not-a-virus:AdWare.Win32.Relevant.a skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe/stream Infected: not-a-virus:AdWare.Win32.Relevant.a skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP110\A0053151.exe NSIS: infected - 3 skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP118\A0056869.dll Infected: Trojan.Win32.BHO.g skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057027.exe Infected: Trojan-Downloader.Win32.Zlob.atq skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057028.exe Infected: Trojan-Downloader.Win32.Zlob.atq skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057592.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP121\A0057619.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.en skipped