Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Twain-Tech [RESOLVED]

Started by BuddyMG , Jul 25 2005 06:12 PM

  • This topic is locked This topic is locked

#16
BuddyMG
Posted 16 August 2005 - 12:47 PM

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
I still have 38 SmitFraud-C incidences.

When I ran SpyBot and tried to remove the problems, I got a warning that read: Some problems couldn't be fixed; the reason could be that the associated files are still in use (in memory). This could be fixed after a restart. May SpyBot-S&D run on your next system startup?

I clicked yes, rebooted, and got the same results.

Here is a SpyBot log:

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\20x2p.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\75tz.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\adulthell.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bin.wordsx.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cc20foreva.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\crl.thawte.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\datingforlove.org\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dl.ad-ware.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\e-finder.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ewizard.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\fast-look.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-spy-cam.net\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\[bleep]-[bleep].org\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ga31.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\greg-tut.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\letgohome.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\love-catalog.net\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\makechoice.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\meetyourfriend.biz\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\msnprotection.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\new.8ad.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\rf104.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\s13.remove.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\s2.kav.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\t34rulit.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\terra.hcworld.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\toprefsys.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\tracking.allposters.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u45.cx\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u46.cx\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u47.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\u48.cc\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\v-224.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\veryeasysearch.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\visitfriend.net\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webpidor.biz\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\www.6o9.com\*!=W=4

Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-59784908-3515273355-2894917733-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\www.niger.ru\*!=W=4


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-08-16 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-08-12 Includes\Dialer.sbi (*)
2005-08-12 Includes\Hijackers.sbi (*)
2005-06-23 Includes\Keyloggers.sbi (*)
2005-08-12 Includes\Malware.sbi (*)
2005-08-12 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-08-06 Includes\Security.sbi (*)
2005-08-12 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-08-12 Includes\Trojans.sbi (*)


Here is the Kaspersky online scanner results:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, August 16, 2005 11:19:28
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 16/08/2005
Kaspersky Anti-Virus database records: 135526
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 50954
Number of viruses found: 21
Number of infected objects: 227
Number of suspicious objects: 0
Duration of the scan process: 2927 sec

Infected Object Name - Virus Name
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00997DF0.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\01040AE9.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0332562E.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05302453.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05373517.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05C654C8.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\07AF198A.class Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0C760935.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\111A112A.class Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\115F29A8.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\125C6FED.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\13B92658.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14E36878.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\16516A34.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1735285E.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\19C74EEC.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BEB2649.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CB911DF.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CCB4FC5.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CF36615.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\20450E10.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\20AC2686.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\217D1F67.class Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\21C22985.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22483F4A.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22F2772D.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.class Infected: Trojan.Java.ClassLoader.f
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23236CF7.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232616F3.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\238A3C1B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23A2526B.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24471BDC Infected: Trojan-Downloader.Win32.Agent.ne
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24DC1112.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip/a.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24F03D7B.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24F36777.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\29EC4DD4.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB63A99.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2B913803.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2C773175.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2D097893.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2E4215EC.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F0C5705.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F8F00CB.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F922AC7.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30164503.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32192FF2.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\332C68E4.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33566456.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\34236BE6.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\379930FA.class Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38737E24.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CE15C0.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38E40548.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3A881B7E Infected: Trojan.Java.Binny.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3BCE34F6.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3CB11A62.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3DDF7184.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E4C3D05.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3EE05C60.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F4211B3.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F8A541A.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\406773BD.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\40F26A8D.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\42654ED5.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45955021.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459B241A.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45A27813.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45A47680.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45A47680.exe Infected: Trojan-Clicker.Win32.Small.gj
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\460E402B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\47363E5A.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\47AF1E33.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\47FF7270.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\486F3850.class Infected: Trojan-Downloader.Java.OpenStream.t
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48B2382E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48F635DD.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A741925.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4AF90253.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B283BD2.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B423CF3.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B8E42D1.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4CCB4E26.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4D101AC2.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4FA56AB1.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50890C34.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51990321.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51C86B1A.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51C86B1A.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51DC6705.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\523734BC.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\561847B9.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\562B70C9.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\580D3ABC.class Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\58897634.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5893499F.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\58D73B24.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\59810458.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5BBE1121.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5BE7765B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5E6E554E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60E206E0.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\61B30448.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62AA4672.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62F00239.class Infected: Trojan.Java.Binny.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\644A16C2.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\64CB00A2.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\660D6C10.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67457D66.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67F0363D.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6C101FFF.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6D226019.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6D874262.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6E1B2F57.class Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6EF77E81.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6F2F5CBC.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\70FD4785.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71B172D9.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71B172D9.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71D227CB.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73A160B7.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73B8069E.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73BE5A97.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73D95228.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\768F239F.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A91B2B.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\79187E61.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\791E4255.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\792E64D5.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\79E41278.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A1F4276.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A236C72.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A26166F.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A5A3635.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A841D69.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7C7E0549.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7D11694B.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7E1A6D16.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB97B6C.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200713.exe Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200714.exe Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200715.exe Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200716.exe Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200734.exe Infected: Trojan-Downloader.Win32.Agent.bc

Scan process completed.


Thank you!
  • 0

Advertisements

#17
BuddyMG
Posted 16 August 2005 - 02:53 PM

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
Should I go into regedit, find where the problems are from the SmitFraud report and delete those particular folders?
  • 0

#18
kool808
Posted 16 August 2005 - 04:26 PM

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
++++++++++++++++++++++++++
RIGHT-CLICK [ HERE ] and Save As (In IE it's "Save Target As") in order to download DelDomains.inf to your desktop.
To use: RIGHT-CLICK DelDomains.inf and select: Install (no need to restart)
Note: This will remove all entries in the "Trusted Zone" and "Ranges" also.

++++++++++++++++++++++++++
Clear Java Cache:

1. Click Start > Control Panel.

2. Double-click the Java icon (coffee cup) in the control panel. It will say "Java Plug-in" under the icon - please find the update button or tab in that Java control panel. Update your Java, and reboot.
a
After reboot, go back into the Control Panel and double-click the Java icon.

3. Under Temporary Internet Files, click the Delete Files button.

There are three options on this window to clear the cache - leave ALL 3 checked.
1. Downloaded Applets
2. Downloaded Applications
3. Other Files

4. Click OK on Delete Temporary Files window.
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

5. Click OK to leave the Java Control Panel.


let us see how this goes. :tazz:
  • 0

#19
BuddyMG
Posted 16 August 2005 - 05:38 PM

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
I installed the DelDomains.inf. However, when I went to Start > Control Panel > Java Plug In and double-clicked that, all I got was a window with the following across the top:

Java ™ Plug-In Control Panel

And under that, tab choices:

Basic Advanced Browser Proxies Cache Certificates About

I hit "Clear Cache" in the Cache tab - but I don't see any kind of Temporary Internet Files choice anywhere.

Thank you!
  • 0

#20
BuddyMG
Posted 16 August 2005 - 05:58 PM

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
Success!

Despite my ramblings in the previous post... I ran SpyBot again and had no incidences of SmitFraud! Thank you very much...

Now, if you don't mind... What should I keep on my desktop? It is now quite full of things from this (these) clean-up(s)...

And... When booting up, I'm still getting this box (it looks like a Mozilla box) that reads:

PhotoAppSrv.exe has encountered a problem and needs to close. We are sorry for the inconvenience.

I don't know what this is - and... when I checked the error signature, it read:

szApp Name - PhotoAppSrv.exe
zaMod Name - PhotoAppSrv.exe

szApp Ver - 2.5.0.15250
szMod Ver - 2.5.0.15250

offset
0001202a

Any idea what this means?!

Thank you very much.
  • 0

#21
kool808
Posted 17 August 2005 - 04:52 AM

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
very good work, nicely done.

you may now remove / uninstall these tools:

deldomains
smitrem
ewido (trial version)
silent runners
rdrivrem
fixO
findpf.bat

do you still have the installers for the VAIO software installations?

Uninstall them, reboot have a Online virus scan with Kaspersky. Re-install them again if you need those softwares.

do another restore point.

post your final hijackthis log to verify you are all clean. I will then give you some tips to prevent future re-infections.
  • 0

#22
BuddyMG
Posted 17 August 2005 - 01:33 PM

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
SpyBot is now clear! Here is my Kasperky log, which has some errors however:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, August 17, 2005 12:22:53
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 17/08/2005
Kaspersky Anti-Virus database records: 135657
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 53289
Number of viruses found: 22
Number of infected objects: 248
Number of suspicious objects: 0
Duration of the scan process: 2428 sec

Infected Object Name - Virus Name
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\00997DF0.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\01040AE9.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0332562E.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05302453.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05373517.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\05C654C8.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\07AF198A.class Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\093B6692.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0C760935.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\111A112A.class Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\115F29A8.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\125C6FED.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\13B92658.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\14E36878.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\16516A34.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1735285E.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\177E165B.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\19C74EEC.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BEB2649.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CB911DF.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CC825C9.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CCB4FC5.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1CF36615.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\20450E10.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\20AC2686.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\217D1F67.class Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\21C22985.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22483F4A.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22EF4D30.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\22F2772D.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.class Infected: Trojan.Java.ClassLoader.f
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232042FA.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23236CF7.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\232616F3.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\238A3C1B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\23A2526B.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24471BDC Infected: Trojan-Downloader.Win32.Agent.ne
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24DC1112.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip/a.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24ED137E.zip Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24F03D7B.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\24F36777.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\29EC4DD4.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB3109D.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2AB63A99.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2B913803.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2C773175.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2D097893.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2E4215EC.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F092D08.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F0C5705.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F8F00CB.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2F922AC7.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30164503.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\32192FF2.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\332C68E4.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\334F2062.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33566456.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\34236BE6.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\379930FA.class Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38737E24.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CB6BC3.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38CE15C0.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\38E40548.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3A881B7E Infected: Trojan.Java.Binny.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB66B26.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3BCE34F6.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3CB11A62.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3DDF7184.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E4C3D05.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3ED821D9.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3EE05C60.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F4211B3.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3F8A541A.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3FFA73D7.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\406773BD.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\40F26A8D.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\42654ED5.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\426F194B.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44362A7F.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45955021.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45987A1D.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459B241A.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\459E4E16.zip Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45A27813.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45A47680.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\45A47680.exe Infected: Trojan-Clicker.Win32.Small.gj
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\460E402B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\47363E5A.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\47AF1E33.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\47FF7270.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\486F3850.class Infected: Trojan-Downloader.Java.OpenStream.t
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48B2382E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\48F635DD.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A706F29.zip Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A741925.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4AF90253.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B283BD2.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B423CF3.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B8E42D1.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4CCB4E26.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4D101AC2.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4FA56AB1.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\50890C34.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51990321.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51C86B1A.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51C86B1A.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\51DC6705.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\523734BC.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\53FF70EC.zip Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\561847B9.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\562B70C9.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\580D3ABC.class Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\58897634.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5893499F.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\58D73B24.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\59810458.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5BBE1121.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5BE7765B.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5E6E554E.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\60E206E0.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\61B30448.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62AA4672.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62F00239.class Infected: Trojan.Java.Binny.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\644A16C2.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\64CB00A2.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\660D6C10.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67097C64.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67457D66.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\67F0363D.class Infected: Trojan.Java.ClassLoader.z
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\680C0B9E.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\680F359B.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\680F359B.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\680F359B.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\680F359B.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\680F359B.zip Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\68125F97.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6C101FFF.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6D226019.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6D874262.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6E1B2F57.class Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6EF77E81.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6F2F5CBC.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\70FD4785.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71B172D9.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71B172D9.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\71D227CB.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73A160B7.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73B8069E.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73BE5A97.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73D95228.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\768F239F.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A6712F.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\77A91B2B.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\791043DA.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\791043DA.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\791043DA.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\791043DA.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\791043DA.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\79187E61.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\791E4255.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\792E64D5.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\79E41278.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A1F4276.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A236C72.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A26166F.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A5A3635.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7A841D69.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7C7E0549.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7D11694B.class Infected: Trojan.Java.Femad
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7E1A6D16.class Infected: Trojan-Downloader.Java.OpenStream.d
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB65170.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7EB97B6C.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP26\A0005435.exe Infected: Trojan-Downloader.Win32.Agent.bq
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP26\A0005436.exe Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200713.exe Infected: Trojan.Win32.Agent.bi
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200714.exe Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200715.exe Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200716.exe Infected: Trojan-Downloader.Win32.Agent.bc
C:\System Volume Information\_restore{77297452-5378-4CCE-95A6-90694B0E4DFF}\RP333\A0200734.exe Infected: Trojan-Downloader.Win32.Agent.bc

Scan process completed.

I ran Ewido (before uninstalling it, of course!) Here is that report:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:15:29 AM, 8/17/2005
+ Report-Checksum: 2361D55

+ Scan result:

C:\WINDOWS\sdkug.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32:ccaa.dll -> TrojanDownloader.Small.azk : Cleaned with backup
C:\WINDOWS\system32\syssx32.exe -> Trojan.Agent.bi : Cleaned with backup


::Report End

I didn't know if I had installers for the VAIO software installations, so I did nothing.

I don't know how to do a restore point.

A new problem: When I boot up, the computer says it is:

Checking file system on D:
The type of file system is NTFS

Then it runs a check on the disk before loading Windows.

Here is my hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 12:32:16 PM, on 8/17/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\QuickTime\qttask.exe
D:\iTunesHelper.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\AdSubtract\adsub.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
C:\Program Files\Sony\Giga Pocket\GPVSvr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
D:\bin\iPodService.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] D:\iTunesHelper.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Shortcut to TeaTimer.exe.lnk = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AdSubtract.lnk = C:\Program Files\AdSubtract\adsub.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1104788209437
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E52DBF4B-FF0E-4A27-847A-0212158BFD1E}: NameServer = 68.94.156.1 206.13.30.12
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Iomega Activity Disk2 - Iomega Corporation - C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe


Is this line correct?
>R3 - Default URLSearchHook is missing

It seems different than before.

Thank you!
  • 0

#23
kool808
Posted 17 August 2005 - 04:55 PM

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
everything looks clean and clear! :tazz:

The kaspersky results:
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\

these are actually infections found by your antivirus program that where placed under its Quarantine section, you can verify that by openning your AV then look for that section. Let it remain for one week, if everythings runs fine you can delete those files inside that section / folder.

+++++++++++++++++++++++++++
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

How to Turn On and Turn Off System Restore in Windows XP, HERE
+++++++++++++++++++++++++++

Is this line correct?
>R3 - Default URLSearchHook is missing

OPTIONAL FIX! this is just fine, no need to worry.


How is your system running, are there any malware related issues being experienced?
  • 0

#24
BuddyMG
Posted 17 August 2005 - 05:51 PM

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
I've run SpyBot-S&D, Ad-Aware, and Spy Sweeper - all are clear! Thank you very much -

The only thing I've noticed is that the computer is still checking the D drive when booting up, rather than going to the Windows screen. Any idea why or what I can do about it? And IE seems to be going a bit slower than before, but maybe that's in my head. Again, thank you very much - and please let me know what I can do to prevent future re-infections.

Here is a final (I hope!) hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 4:51:22 PM, on 8/17/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\QuickTime\qttask.exe
D:\iTunesHelper.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\AdSubtract\adsub.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
C:\Program Files\Sony\Giga Pocket\GPVSvr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\System32\HPZipm12.exe
D:\bin\iPodService.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] D:\iTunesHelper.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Shortcut to TeaTimer.exe.lnk = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AdSubtract.lnk = C:\Program Files\AdSubtract\adsub.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1104788209437
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E52DBF4B-FF0E-4A27-847A-0212158BFD1E}: NameServer = 68.94.156.1 206.13.30.12
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Iomega Activity Disk2 - Iomega Corporation - C:\PROGRA~1\Iomega\System32\ActivityDisk.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
  • 0

#25
kool808
Posted 18 August 2005 - 05:16 AM

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
everything looks great! ;)
  • Open spybot
  • on menu bar, from Mode > Advance Mode
  • On the left pane, choose Settings > Settings
  • under Program Start > UNCHECK all boxes
  • under System Start > UNCHECK all boxes and choose NO Automation
  • on the menu bar, from Mode > Default Mode
  • close spybot
  • reboot

++++++++++++++++++
:) :) :) :ph34r: :) :tazz: :) :) :tazz: :tazz: :ph34r:


Congratulations! :) your system is CLEAN!

WinXP Reset & All-Clean1

We have a couple of last steps to perform and then you're all set.

First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion.
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Under the Hidden files and folders heading UNSELECT Show hidden files and folders.
* CHECK the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.
Next, let's clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.

3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • SpywareGuard to catch and block spyware before it can execute.
  • IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
You should also have a good firewall. Here are 3 free ones available for personal use:and a good antivirus (these are also free for personal use):It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visitmonthly. And to keep your system clean run these free malware scannersweekly, and be aware of what emails you open and websites you visit.

To learn more about how to protect yourself while on the internet read this article by Tony Klein: So how did I get infected in the first place?

Security Updates - Softwares:
http://www.geekstogo.com/forum/Security-Updates-f69.html

.: My Blog :.
  • 0

Advertisements

#26
BuddyMG
Posted 19 August 2005 - 12:16 AM

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts
It's all still clean! Thank you very much, I really appreciate it...
  • 0

#27
kool808
Posted 19 August 2005 - 09:11 AM

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP