About 99% of computer problems sit in front of the monitor...lol!! You trying to tell me something?!
You are right, I'd say!
Thank you so much for getting back to me.....
Hokey dokey....back to business......
Kasperspy log:-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Thursday, October 27, 2005 17:07:46
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 27/10/2005
Kaspersky Anti-Virus database records: 147127
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 80203
Number of viruses found: 8
Number of infected objects: 117
Number of suspicious objects: 0
Duration of the scan process: 5656 sec
Infected Object Name - Virus Name
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\116D3CE5.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1B0A7349.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1B3B6913.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1C3609FF.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20AA4719.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20C416FC.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\31A1789C.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\451D2DFD.cla Infected: Trojan-Downloader.Java.OpenStream.w
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\49FF0278.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E5E6ACD.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4EA35C81.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4EEE222F.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F9B7F55 Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4F9B7F55.pif Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\51B7381E.cla Infected: Trojan-Downloader.Java.OpenStream.w
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\58F02A33.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6BB0639F.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6C466EFA.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E3D0163.exe Infected: Trojan-Downloader.Win32.Adload.a
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E6E269A.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E925264.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6F1538C1.exe Infected: Trojan-Downloader.Win32.Adload.a
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\72FC3397.exe Infected: Worm.Win32.VB.an
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\74F33934.exe Infected: Trojan.Win32.Crypt.e
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7B9501E7.exe Infected: Trojan.Win32.Crypt.e
C:\RECYCLER\S-1-5-21-466199267-1805208415-477983044-1006\Dc20.tmp Infected: Worm.Win32.VB.an
C:\RECYCLER\S-1-5-21-466199267-1805208415-477983044-1006\Dc279.tmp Infected: Trojan-Downloader.Java.OpenStream.w
C:\RECYCLER\S-1-5-21-466199267-1805208415-477983044-1006\Dc7.tmp Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0011106.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0013089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0014089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0015089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0016093.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0017089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0019089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0021089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0022093.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0023089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0024093.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0026089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0027089.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0029094.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0029231.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0031178.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0032178.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0033178.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0034178.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP118\A0034192.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0035225.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0035237.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0037221.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0037243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0038247.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0040243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0041243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0042243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0043243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0044243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0045243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0050243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0051243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0052247.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0053243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0055243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0056249.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0058243.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP119\A0058261.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP120\A0058288.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP120\A0065290.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP120\A0066295.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP121\A0067290.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP121\A0068290.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0068362.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0070362.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0072362.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0073362.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0073378.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP122\A0075362.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0075389.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0075395.exe Infected: Backdoor.Win32.Rbot.adx
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0075825.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0075827.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0075829.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0076622.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0076623.exe Infected: Trojan.Win32.Crypt.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0076624.exe Infected: Trojan.Win32.Crypt.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077009.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077010.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077011.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077012.exe Infected: Trojan.Win32.Crypt.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077014.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077018.exe Infected: Trojan.Win32.Crypt.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077019.exe Infected: Trojan.Win32.Crypt.e
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077020.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP123\A0077021.exe Infected: Worm.Win32.VB.an
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079527.exe/username.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079527.exe/wudupdate.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079527.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079528.exe/username.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079528.exe/wudupdate.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079528.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079529.exe/username.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079529.exe/wudupdate.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079529.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079537.exe/username.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079537.exe/wudupdate.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079537.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079885.exe/username.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079885.exe/wudupdate.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079885.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079886.exe/username.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079886.exe/wudupdate.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP140\A0079886.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP141\A0080134.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP141\A0080182.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP141\A0080183.exe Infected: Trojan-Downloader.Win32.Small.ya
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP141\A0080184.exe Infected: Worm.Win32.VB.an
Scan process completed.
HJT normal log:Logfile of HijackThis v1.99.1
Scan saved at 17:11:11, on 27/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Netscape\Netscape\plugins\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\a2\a2guard.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\Documents and Settings\Amanda McGee\Desktop\hijack-this\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.euro.dell...gen/default.htmR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.accoona.c...mpaign=wdz0605aR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.ie...:en-GB:officialR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.ie...:en-GB:officialR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://uk.red.client...www.yahoo.co.ukR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.ie...:en-GB:officialR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.ie...:en-GB:officialR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.accoona.c...mpaign=wdz0605aR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Netscape\Netscape\plugins\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - blank (file missing)
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_3_12_0.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Netscape\Netscape\plugins\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: WkCalRem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Netscape\Netscape\plugins\Reader\reader_sl.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.t...all/xscan60.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupd...b?1115725567500O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www3.ca.com/s...nfo/webscan.cabO16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) -
http://support.euro....er/PROFILER.CABO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
http://us.dl1.yimg.c...utocomplete.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcaf...,26/mcgdmgr.cabO16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} -
http://download.mcaf...603/mcfscan.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
HJT uninstall list:Ad-Aware SE Personal
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Download Manager 2.0 (Remove Only)
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0.5
Adobe Stock Photos 1.0
a-squared Personal 1.6
ATI Control Panel
ATI Display Driver
AutoCAD 2004
Autodesk Express Viewer
Broadcom Advanced Control Suite 2
CC_ccProxyExt
ccCommon
CCleaner (remove only)
ccPxyCore
ColorWasher 2.02b Demo
Dell Driver Reset Tool
Dell Media Experience
Dell Photo Printer 720
Dell Support 5.0.0 (630)
EasyCleaner
ewido security suite
Excursion 9.5
Harry Potter
Harry Potter - Quidditch World Cup
Harry Potter and the Chamber of Secrets02
Harry Potter and the Prisoner of Azkaban
Harry Potter II
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
HTML Shrinker Light
HyperTyle 1.02 DEMO
Intel Application Accelerator
Intel® 537EP V9x DF PCI Modem
iTunes
J2SE Runtime Environment 5.0 Update 5
Kaspersky On-line Scanner
LightMachine 1.0b Demo
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Macromedia Flash MX 2004
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Windows Journal Viewer
Microsoft Works 7.0
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox (1.0.7)
MSN
MSN Messenger 7.0
MSRedist
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton WMI Update
Norton WMI Update
Plugin Galaxy DEMO 1.50
PowerDVD 5.3
QuickTime
SafeCast Shared Components
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
SPBBC
Spybot - Search & Destroy 1.4
Symantec Script Blocking Installer
SymNet
TrojanHunter 4.2
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Windows Installer 3.1 (KB893803)
Windows Media Connect
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinRAR archiver
WinZip
Yahoo! Address AutoComplete
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
ZoneAlarm