Hi,
OK, I have followed your instructions. Again, things went pretty smoothly, with one exception. When I was running Killbox in Safe Mode, and trying to do standard file kills on the files you mentioned, Killbox said the first six files could not be found, and it said that it "could not delete" the last, seventh file, C:\PROGRAM FILES\COMMON FILES\FreeProd1.
With that said, here are the logs you requested.
HijackThis Log:
Logfile of HijackThis v1.99.1
Scan saved at 10:43:54 AM, on 10/4/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\2Wire\Gateway\2PortalMon.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://email.usc.edu/O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\Gateway\2PortalMon.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MTV Networks Video Optimizer.lnk = C:\Program Files\MTV Networks\VOpt\MTVOptTray.exe
O4 - Global Startup: VPN Dialer (OnStartup).lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .edf: C:\Program Files\Internet Explorer\PLUGINS\NPInfotl.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/viewers/ipixx.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) -
http://www.streamaud...d/ccpm_0237.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1124248151241O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft...free/asinst.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/...ro.cab33902.cabO16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) -
http://chat.yahoo.com/cab/yvwrctl.cabO16 - DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F} (iPIX Media Send Class) -
http://216.249.24.60...geWell-ipix.cabO16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 6.0) -
http://activex.micro...b5/comdlg32.cabO16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -
http://pdl.stream.ao.../ampx_en_dl.cabO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
WinPFFind Log:
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.
If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.
»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 1 Current Build Number: 2600
Internet Explorer Version: 6.0.2800.1106
»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»
Checking %SystemDrive% folder...
Checking %ProgramFilesDir% folder...
UPX! 6/28/2004 3:02:58 PM 149504 C:\Program Files\CWShredder.exe
UPX! 2/16/2005 11:06:16 AM 218112 C:\Program Files\HijackThis.exe
UPX! 10/4/2005 1:27:30 AM 50176 C:\Program Files\KillBox.exe
UPX! 7/17/2004 2:22:14 AM 26953157 C:\Program Files\NAV10ESD.exe
UPX! 9/7/2003 11:07:50 PM 702471 C:\Program Files\stinger.exe
qoologic 10/4/2005 1:26:08 AM 202953 C:\Program Files\WinPFind.zip
Checking %WinDir% folder...
Checking %System% folder...
FSG! 6/12/2005 8:55:50 PM 1881 C:\WINDOWS\SYSTEM32\c4t.exe
PEC2 8/28/2002 7:00:00 PM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc
FSG! 6/12/2005 8:55:34 PM 25329 C:\WINDOWS\SYSTEM32\dgdgd.exe
PEC2 10/26/2004 3:38:24 PM 716800 C:\WINDOWS\SYSTEM32\DivX.dll
PECompact2 10/26/2004 3:38:24 PM 716800 C:\WINDOWS\SYSTEM32\DivX.dll
PTech 8/29/2005 1:27:12 PM 520968 C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
UPX! 6/12/2005 8:55:38 PM 119405 C:\WINDOWS\SYSTEM32\mc-58-12-0000093.exe
PECompact2 9/8/2005 9:36:32 PM 1997664 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 9/8/2005 9:36:32 PM 1997664 C:\WINDOWS\SYSTEM32\MRT.exe
Umonitor 8/28/2002 7:00:00 PM 631808 C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 8/28/2002 7:00:00 PM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu
Checking %System%\Drivers folder and sub-folders...
Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts
Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
10/4/2005 1:38:38 AM S 2048 C:\WINDOWS\bootstat.dat
9/29/2005 1:08:52 AM H 54156 C:\WINDOWS\QTFont.qfn
8/16/2005 8:10:02 PM H 0 C:\WINDOWS\inf\oem24.inf
10/2/2005 1:24:38 PM H 0 C:\WINDOWS\LastGood\INF\oem26.inf
10/2/2005 1:24:38 PM H 0 C:\WINDOWS\LastGood\INF\oem26.PNF
10/4/2005 1:38:22 AM H 8192 C:\WINDOWS\system32\config\default.LOG
10/4/2005 1:38:56 AM H 1024 C:\WINDOWS\system32\config\SAM.LOG
10/4/2005 1:38:40 AM H 16384 C:\WINDOWS\system32\config\SECURITY.LOG
10/4/2005 1:40:10 AM H 106496 C:\WINDOWS\system32\config\software.LOG
10/4/2005 1:38:44 AM H 1130496 C:\WINDOWS\system32\config\system.LOG
9/29/2005 12:08:24 AM H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
12/27/2005 7:28:30 PM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\394f62f2-3752-4b48-a908-09efe3d5b933
10/4/2005 1:37:38 AM H 6 C:\WINDOWS\Tasks\SA.DAT
Checking for CPL files...
Microsoft Corporation 8/28/2002 7:00:00 PM 66048 C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 578560 C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 129024 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 150016 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 292352 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 121856 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 8/17/2001 11:37:02 PM 48128 C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 8/29/2002 4:41:00 AM 208896 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems 6/3/2004 10:05:06 PM 61555 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 187904 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 559616 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 256000 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 36864 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 109056 C:\WINDOWS\SYSTEM32\powercfg.cpl
Apple Computer, Inc. 9/23/2004 6:57:40 PM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 268288 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 8/28/2002 7:00:00 PM 90112 C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 5/26/2005 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 8/29/2002 4:41:00 AM 208896 C:\WINDOWS\SYSTEM32\dllcache\joy.cpl
»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»
Checking files in %ALLUSERSPROFILE%\Startup folder...
9/9/2002 7:49:58 AM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
8/3/2003 12:46:08 PM 1730 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
4/18/2005 7:42:46 PM 1747 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MTV Networks Video Optimizer.lnk
10/2/2005 1:21:06 PM 2463 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Dialer (OnStartup).lnk
Checking files in %ALLUSERSPROFILE%\Application Data folder...
9/9/2002 12:33:50 AM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini
1/4/2004 1:28:12 PM 13 C:\Documents and Settings\All Users\Application Data\DirectCDUserNameE.txt
Checking files in %USERPROFILE%\Startup folder...
9/9/2002 7:49:58 AM HS 84 C:\Documents and Settings\Daniel Werner\Start Menu\Programs\Startup\desktop.ini
Checking files in %USERPROFILE%\Application Data folder...
9/9/2002 12:33:50 AM HS 62 C:\Documents and Settings\Daniel Werner\Application Data\desktop.ini
6/6/2005 12:27:24 AM 62560 C:\Documents and Settings\Daniel Werner\Application Data\GDIPFONTCACHEV1.DAT
»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
YComp 5.0.0.0 = Yahoo! Companion
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\iO
{C14F7681-33D8-11D3-A09B-00500402F30B} = C:\Program Files\iO\iomenu.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton AntiVirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail
{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\WINDOWS\Downloaded Program Files\ymmapi.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}
= c:\Program Files\Microsoft Money\System\mnyside.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Google Toolbar Helper = c:\program files\google\googletoolbar1.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}
CNavExtBho Class = C:\Program Files\Norton AntiVirus\NavShExt.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
&Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = %SystemRoot%\System32\shdocvw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : C:\Program Files\Norton AntiVirus\NavShExt.dll
{8E718888-423F-11D2-876E-00A0C9082467} = &Radio : C:\WINDOWS\System32\msdxm.ocx
{2318C2B1-4965-11d4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
MenuText = Sun Java Console : C:\WINDOWS\System32\msjava.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2499216C-4BA5-11D5-BD9C-000103C116D5}
ButtonText = Yahoo! Login :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
ButtonText = Messenger :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
ButtonText = AIM : C:\Program Files\AIM\aim.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E023F504-0C5A-4750-A1E7-A9046DEA8A21}
ButtonText = MoneySide :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ButtonText = Messenger : C:\Program Files\Messenger\MSMSGS.EXE
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
Media Band = %SystemRoot%\System32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
&Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
Favorites Band = %SystemRoot%\System32\shdocvw.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = :
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : C:\Program Files\Norton AntiVirus\NavShExt.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = :
{4E7BD74F-2B8D-469E-D7E4-F660B597BF2A} = :
{2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
AGRSMMSG AGRSMMSG.exe
Cpqset C:\Program Files\HPQ\Default Settings\cpqset.exe
PreloadApp c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
srmclean C:\Cpqs\Scom\srmclean.exe
ATIPTA C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
MMTray C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
AdaptecDirectCD "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
WinampAgent "C:\Program Files\Winamp3\winampa.exe"
2wSysTray C:\Program Files\2Wire\Gateway\2PortalMon.exe
mmtask C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
HPDJ Taskbar Utility C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
HP Software Update "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
HP Component Manager "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
DeviceDiscovery C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
ViewMgr C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
SunJavaUpdateSched C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
SSC_UserPrompt C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
iTunesHelper C:\Program Files\iTunes\iTunesHelper.exe
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
gcasServ "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
AIM C:\Program Files\AIM\aim.exe -cnetwait.odl
MsnMsgr "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
Yahoo! Pager C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
syvlay C:\WINDOWS\System32\syvlay.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 149
CDRAutoRun 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
Shell = Explorer.exe
System =
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs
»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 10/4/2005 1:56:35 AM
Kaspersky Online Scan Log:
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, October 04, 2005 10:37:33
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 4/10/2005
Kaspersky Anti-Virus database records: 152353
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
Scan Statistics:
Total number of scanned objects: 84711
Number of viruses found: 59
Number of infected objects: 289
Number of suspicious objects: 0
Duration of the scan process: 6160 sec
Infected Object Name - Virus Name
C:\!KillBox\aun_0001.exe Infected: Trojan-Downloader.Win32.Small.akz
C:\!KillBox\tuvus.dll Infected: Trojan-Downloader.Win32.Small.bpk
C:\!KillBox\v2.dll Infected: not-a-virus:AdWare.Win32.EliteBar.a
C:\Program Files\GDiVXZen1.0.exe/data0012/data0001.cab/Save.exe Infected: not-a-virus:AdWare.Win32.SaveNow.af
C:\Program Files\GDiVXZen1.0.exe/data0012/data0001.cab/SaveUninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bl
C:\Program Files\GDiVXZen1.0.exe/data0012/data0001.cab/Weather/Weather.exe Infected: not-a-virus:AdWare.Win32.SaveNow.m
C:\Program Files\GDiVXZen1.0.exe/data0012/data0001.cab/Weather/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.m
C:\Program Files\GDiVXZen1.0.exe/data0012/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.m
C:\Program Files\GDiVXZen1.0.exe/data0012 Infected: not-a-virus:AdWare.Win32.SaveNow.m
C:\Program Files\GDiVXZen1.0.exe/data0015 Infected: not-a-virus:AdWare.NewDotNet.d
C:\Program Files\GDiVXZen1.0.exe Infected: not-a-virus:AdWare.NewDotNet.d
C:\Program Files\Microsoft AntiSpyware\Quarantine\EC86A00F-82E4-4274-A960-26ECC6\BB6BC34B-C79E-4BA3-B59A-2EE01E/stream/data0005 Infected: not-a-virus:AdWare.Win32.BargainBuddy.y
C:\Program Files\Microsoft AntiSpyware\Quarantine\EC86A00F-82E4-4274-A960-26ECC6\BB6BC34B-C79E-4BA3-B59A-2EE01E/stream Infected: not-a-virus:AdWare.Win32.BargainBuddy.y
C:\Program Files\Microsoft AntiSpyware\Quarantine\EC86A00F-82E4-4274-A960-26ECC6\BB6BC34B-C79E-4BA3-B59A-2EE01E Infected: not-a-virus:AdWare.Win32.BargainBuddy.y
C:\Program Files\Norton AntiVirus\Quarantine\011C28A5 Infected: Trojan-Downloader.JS.Small.b
C:\Program Files\Norton AntiVirus\Quarantine\037B0FFC.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\037B0FFC.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\058C1FC2.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\06E42F3D.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\06E75939.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\06EC6959.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\07525F61.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\07B26386.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\07B60D83.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\08A12BAB Infected: Trojan-Downloader.Win32.Agent.ae
C:\Program Files\Norton AntiVirus\Quarantine\093872ED.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\093B1CE9.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0AE83854.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0AE83854.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0B61359F.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0B670998.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0EA17A41 Infected: Trojan-Downloader.JS.Small.b
C:\Program Files\Norton AntiVirus\Quarantine\0EA4243E Infected: Trojan-Downloader.JS.Small.b
C:\Program Files\Norton AntiVirus\Quarantine\0F0B0105.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0F0B0105.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0F61382D.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0F64622A.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\0F876F46 Infected: Exploit.HTML.CodeBaseExec
C:\Program Files\Norton AntiVirus\Quarantine\10D32C90.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10D6568C.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10D90088.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10DD2A85.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10E05481.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10E37E7E.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10E6287A.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10EA5277.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10ED7C73.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10F0266F.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10F3506C.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10F77A68.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10FA2465.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\10FD4E61.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\1100785D.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\11023FD1 Infected: Trojan-Downloader.Win32.PurityScan.f
C:\Program Files\Norton AntiVirus\Quarantine\1104225A.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\11074C56.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\110A7653.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\110E204F.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\11114A4B.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\11147448.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\11171E44.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\118D1D4F.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\118D1D4F.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\1287658B.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\128A0F87.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\12E31B5F.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\13237868 Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\13491167.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\167B35A4.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\167B35A4.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\18036B81.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\18036B81.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\183F729F.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\18AF44FB.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\18B26EF7.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\1A053869 Infected: Trojan.Win32.StartPage.ko
C:\Program Files\Norton AntiVirus\Quarantine\1A684EE9.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\1A6B78E5.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\1B98562A Infected: not-a-virus:AdWare.Win32.BiSpy.q
C:\Program Files\Norton AntiVirus\Quarantine\1B9B0026 Infected: not-a-virus:AdWare.Win32.BiSpy.f
C:\Program Files\Norton AntiVirus\Quarantine\1BB063D6 Infected: Exploit.HTML.CodeBaseExec
C:\Program Files\Norton AntiVirus\Quarantine\1E454BCF Infected: not-a-virus:AdWare.Win32.ImiBar.b
C:\Program Files\Norton AntiVirus\Quarantine\1E73575E.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\1ED94D65.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\1EF1609E.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\1FC7113B Infected: not-a-virus:AdWare.Win32.ImiBar.b
C:\Program Files\Norton AntiVirus\Quarantine\1FE43544.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\21DD4D16 Infected: Trojan-Downloader.JS.Small.b
C:\Program Files\Norton AntiVirus\Quarantine\229A6646 Infected: Trojan-Downloader.JS.IstBar.k
C:\Program Files\Norton AntiVirus\Quarantine\231F4026.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\23DD2F7E.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\26290EEE.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\291435EC.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\291435EC.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\29CD74F5.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\29CD74F5.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\2A03135D.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\2A690964.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\2BB855AE Infected: Trojan-Downloader.Win32.IstBar.fa
C:\Program Files\Norton AntiVirus\Quarantine\2BBC74B6 Infected: not-a-virus:AdWare.Win32.BetterInternet.d
C:\Program Files\Norton AntiVirus\Quarantine\2BC01EB3 Infected: not-a-virus:AdWare.Win32.BetterInternet.d
C:\Program Files\Norton AntiVirus\Quarantine\2C0A6CEC.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\2F5C290E.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\2F5F530A.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\311F04E1.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\31222EDE.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\33A65C36.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\33A65C36.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\34E54807.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\34E97204.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\35944F5B.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\35FA4563.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\364C4D66.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\3653215F.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\374911AD Infected: Trojan-Downloader.Win32.Agent.ae
C:\Program Files\Norton AntiVirus\Quarantine\37874678 Infected: Trojan-Downloader.Win32.PurityScan.f
C:\Program Files\Norton AntiVirus\Quarantine\38470ADB.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\385108D1.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\38585CC9.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\38585CC9.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\38585CC9.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\38585CC9.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\38585CC9.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\385B06C6.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\38615ABF.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\386504BB.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\38682EB7.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\388510B7.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\38883AB3.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\3B3452E8.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\3B3452E8.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\40A60C10.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\40AA360C.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\41240B5A.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\41502D20 Infected: not-a-virus:AdWare.Win32.BiSpy.f
C:\Program Files\Norton AntiVirus\Quarantine\418A0161.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\419A5A29 Infected: Trojan-Downloader.Win32.Harnig.gen
C:\Program Files\Norton AntiVirus\Quarantine\41E22852.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\41E5524E.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\423D57CF.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\423D57CF.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\42CE720D.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\42CE720D.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\45EE794D Infected: Exploit.HTML.CodeBaseExec
C:\Program Files\Norton AntiVirus\Quarantine\467E57FE.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\468101FB.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\46E123F9.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\46E44DF5.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\475D7360.dll Infected: Trojan.Win32.KillAV.de
C:\Program Files\Norton AntiVirus\Quarantine\48012586.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\48012586.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\480D4E9E.exe Infected: Backdoor.Win32.Jeemp.c
C:\Program Files\Norton AntiVirus\Quarantine\49097AF8 Infected: Backdoor.Win32.Ruledor.c
C:\Program Files\Norton AntiVirus\Quarantine\4BAE69ED.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\4BB213E9.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\4BCA3E5C.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\4C601402.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\4C601402.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\4C675019.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\4C675019.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\4D1A3D60.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\4D803367.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\4E6909AA Infected: not-a-virus:AdWare.Win32.SaveNow.f
C:\Program Files\Norton AntiVirus\Quarantine\508A0E45.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\50A22595.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\50A22595.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\54D07F1D Infected: Trojan-Dropper.Win32.Small.ff
C:\Program Files\Norton AntiVirus\Quarantine\55D365DE.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\55D60FDB.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\562F637B.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\565B6290.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\565B6290.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\567E707F.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\56811A7B.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\58AB795F.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\58BA7DE6 Infected: Trojan-Spy.Win32.Briss.g
C:\Program Files\Norton AntiVirus\Quarantine\58EB5667 Infected: Exploit.HTML.CodeBaseExec
C:\Program Files\Norton AntiVirus\Quarantine\58F52D08.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\58F85705.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\59116F66.exe Infected: Trojan-Downloader.Win32.Agent.jq
C:\Program Files\Norton AntiVirus\Quarantine\5A7534D8.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\5A785ED4.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\5B69342C.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\5B69342C.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\5C8047C4.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\5C8047C4.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\62072ADA.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\620B54D7.new Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\62C228B2 Infected: not-a-virus:AdWare.Win32.BargainBuddy.n
C:\Program Files\Norton AntiVirus\