In desperate need of help

Unknown

My computer is acting incredibly odd. I can't run Windows Defender and my computer seems to have a mind of its own. I put it on stand by and it turns itself back on. I am getting a lot of popups that are all the same. Please help!

Linc

Check this out! Our staff here is top-notch, so they should be able to get you sorted if these initial steps don't.

Sir Joe

OK sorry about that. I got things done. First, my Hijack This log.

Logfile of HijackThis v1.99.1
Scan saved at 5:23:33 PM, on 3/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
c:\program files\common files\aol\1133563883\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
c:\program files\common files\aol\1133563883\ee\aolsoftware.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\OPScan.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\bfu\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://fast-finder.com/searchresults.asp?si=20061&k=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [lmu] C:\WINDOWS\LMU.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133563883\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [w001e8f3.dll] RUNDLL32.EXE w001e8f3.dll,I2 0009e4290001e8f3
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [lstat] c:\windows\system32\fthot.exe
O4 - HKLM\..\Run: [guarnset] C:\WINDOWS\system32\guarnset.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/downloads/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Panda Active Scan results

Incident Status Location

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Emma\Application Data\Mozilla\Firefox\Profiles\73uclhp4.default\cookies-1.txt[.realmedia.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Emma\Application Data\Mozilla\Firefox\Profiles\73uclhp4.default\cookies-1.txt[searchportal.information.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Emma\Application Data\Mozilla\Firefox\Profiles\73uclhp4.default\cookies.txt[.go.com/]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Emma\Desktop\New Folder\l2mfix\Process.exe
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.2o7.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.hitbox.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.overture.com/]
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.azjmp.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.xiti.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.247realmedia.com/]
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.did-it.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.com.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.go.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.spylog.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.toplist.cz/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.uol.com.br/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.bs.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Home\Application Data\Mozilla\Firefox\Profiles\6wq4o18r.default\cookies.txt[.anm.co.uk/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Home\Cookies\home@2o7[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Home\Cookies\home@azjmp[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Home\Cookies\home@hitbox[2].txt
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\Documents and Settings\Home\Local Settings\Temp\gogibmvv.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Program Files\Mozilla Firefox\l2mfix\Process.exe
Adware:adware/dollarrevenue Not disinfected C:\WINDOWS\keyboard141.dat
Adware:Adware/CommAd Not disinfected C:\WINDOWS\RW1tYQ\lqYQsk.vbs
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\awmyvotb.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\cwgmtfar.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\cygfclwk.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\dtyqjwpf.exe
Adware:Adware/WinAntivirus2006 Not disinfected C:\WINDOWS\system32\faofxwgc.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\froajjbi.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\gcanvtah.exe
Adware:Adware/AdLogix Not disinfected C:\WINDOWS\system32\install_id6.exe[SWin32.dll]
Adware:Adware/AdLogix Not disinfected C:\WINDOWS\system32\install_id6.exe[adstartup.exe]
Adware:Adware/AdLogix Not disinfected C:\WINDOWS\system32\install_id6.exe[modgxyz.exe]
Adware:Adware/AdLogix Not disinfected C:\WINDOWS\system32\install_id6.exe[adupdater.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\jkkiige.dll
Adware:Adware/WinAntivirus2006 Not disinfected C:\WINDOWS\system32\krrpuklp.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\kwecemof.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\lctdrrdy.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\mhimyjlw.exe
Adware:Adware/WinAntivirus2006 Not disinfected C:\WINDOWS\system32\nxknpngu.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\pxjrawcw.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\rqrqqqr.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\rywnajnb.exe
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\srvmbqim.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\ulnhcisv.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\uwxrrluw.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\vrangiey.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\wjywmyca.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\wlhldvvq.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\xjemmbua.exe
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\xjxddfys.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\ytsnikwf.exe


Symantec keeps popping up saying my virus protection is turned off and I open it to turn it back on but it won't stay on. I am also having many popups and slow down. Thank you for any help you can provide.

Trogan

Hi Sir Joe,

Can you do the following please...

1. Please rename HijackThis.exe to Scanner.exe. Once that is done, create a new log and post it back here.

2. I need to see another log from HijackThis (Scanner).

• Run Hijackthis.
• Click on Open the Misc Tools section.
• Next click on Open uninstall manager.
• Press the Save list button.
• Save the file to your desktop, with the default name of uninstall_list
• Copy & Paste the entire contents of that file in your in your next post.

Sir Joe

Here you go.

ABBYY FineReader 6.0 Sprint Plus
Ad-Aware SE Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat and Reader 6.0.3 Update
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 9 ActiveX
Adobe Photoshop 7.0
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
Advanced WMA Workshop version 2.09.9
Agere Systems AC'97 Modem
Ahead InCD
AIM Toolbar
America's Army
America's Army
AOL Instant Messenger
AOL Setup
AOL Uninstaller (Choose which Products to Remove)
ArmyOps
Audacity 1.2.4
AviSynth 2.5
Azureus
Battlefield 1942 Multiplayer Demo
Battlefield 2(TM) Demo
BitComet 0.82
BitTorrent 3.4.2
CardRd81
CC_ccProxyMSI
CC_ccStart
ccCommon
CCHelp
CCScore
CDisplay 1.8
Click to DVD 2.0 Menu Data
Click to DVD 2.1.10
Codec Pack - All In 1 6.0.2.7
Corel Paint Shop Pro X
CR2
DAEMON Tools
Dell Photo AIO Printer 962
DVD Decrypter (Remove Only)
DVgate Plus
Dystopia
EPSON Print CD
EPSON Printer Software
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSCT
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTUTOR
ESSvpaht
ESSvpot
ewido anti-malware
FlashFXP v3
FlashGet(JetCar)
ForeThought
Giga Pocket 5.5
Giga Pocket Demo Movie
Giga Pocket Hardware Library 5.5
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Video Viewer 1.0 (based on VLC 0.8.2 Player)
GTK+ Runtime 2.6.9 rev a (remove only)
Half-Life
Half-Life(R) 2
Half-Life: Counter-Strike
High-Speed Internet Options
HijackThis 1.99.1
HLPCCTR
HLPIndex
HLPPDOCK
HLPRFO
Intel(R) PRO Network Adapters and Drivers
InterActual Player
InterVideo WinDVD 5 for VAIO
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2_05
jetAudio VX for X5
JetShell for iAUDIO X5
JumpStart Music v1.0
Kaspersky Online Scanner
Keyhole 2 LT
Kodak EasyShare software
KSU
KXploit Tool
Learn2 Player (Uninstall Only)
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Macromedia Flash 5
Macromedia Shockwave Player
MAIET Gunz
MailFrontier Desktop
MapleStory
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft Data Access Components KB870669
Microsoft Halo
Microsoft Office Standard Edition 2003
Microsoft Office Visio Professional 2003
Microsoft Office XP Professional with FrontPage
Microsoft Web Publishing Wizard 1.52
Microsoft Works
MoodLogic
Mozilla Firefox (2.0.0.2)
MSN Messenger 7.0
MSN Music Assistant
MSN Toolbar
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 Parser and SDK
Nero - Burning Rom
Netscape (7.02)
Netscape Internet Service Setup
Network Play System (Patching)
NewsBin Pro V5
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton WMI Update
Notifier
NVIDIA Drivers
OpenMG Limited Patch 4.1-05-13-31-01
OpenMG Secure Module 4.1.00
OTtBP
OTtBPSDK
Palm Desktop
Panda ActiveScan
PCDLNCH
PictureGear Studio 2.0
Plan of Attack
PlanetSide
Print to Fax
PSP Image Converter 0.6.6
PSP Movie Creator(remove only)
PSP Video 9 1.62
PSP Video Express(remove only)
Puzzle Pirates
Quicken 2005
QuickTime
RadioShack USB to Serial Cable
RealFlight G3 Demo
RealPlayer Basic
Red Orchestra 3.3 Full Install
RoadRunner
SC Ver 2.58
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
SeeMePlayMe Client
SFR
SFR2
Shockwave
SimCity 4 Deluxe
Sonic RecordNow!
SonicStage 3.0
Sony Certificate PCH
Sony Video Shared Library
Soulseek Client 152
SoulSeek Client 156c
SpeechRedist
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Steam
Stubbs The Zombie
Symantec Script Blocking Installer
System Requirements Lab
The Print Shop 20
The Sims 2
The Sims Livin' Large
TOP PRODUCER 6i
Total Video Converter 3.02
Trillian
Unreal Tournament 2004
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB931836)
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.1
VAIO Media Integrated Server 3.1
VAIO Media Redistribution 3.1
VAIO Registration
VAIO Remote Commander Utility 6.2
VAIO SLIT Pattern Wallpaper
VAIO SLIT-C Screen Saver
VAIO Survey Standalone
VAIO System Information
VAIO Update 2
VCAMCEN
Ventrilo Client
Viewpoint Media Player
VIRTUAL RC RACING
VIRTUAL RC RACING DEMO
VPRINTOL
WarRock
Welcome to VAIO life
WinAce Archiver
Winamp (remove only)
Windows Defender
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888240
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WINForms® Desktop
World of Warcraft
X-Chat 2.6.0-1
Xfire (remove only)
Yahoo! Messenger
YSIGet
ZoneAlarm

Trogan

Could you also rename HijackThis, as asked for in my previous, and post a new log.

Thanks!

Sir Joe

I did rename it. I don't know if I did it right but it says Scanner when I open it.
New log

Logfile of HijackThis v1.99.1
Scan saved at 1:59:23 PM, on 3/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\Program Files\MSN Apps\Updater\01.05.0000.1009\en-us\msnappau.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\AOL\1133563883\ee\aolsoftware.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
c:\program files\common files\aol\1133563883\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
c:\program files\common files\aol\1133563883\ee\aolsoftware.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\bfu\HijackThis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://fast-finder.com/searchresults.asp?si=20061&k=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {597D1BCA-E45A-44F2-93D7-0B1E0AF47E1F} - \
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: SDWin32 Class - {B03217B1-8C23-4ACB-AEE8-28E41E527A51} - C:\WINDOWS\system32\gvvkv.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C47A9554-195A-4769-9B13-04F15B450A39} - C:\WINDOWS\system32\rqrqqqr.dll
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\anhuxjmn.dll (file missing)
O2 - BHO: (no name) - {D8F6CD2B-21B3-470D-A317-07F9181267C1} - C:\WINDOWS\system32\sstqq.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\ulnhcisv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [lmu] C:\WINDOWS\LMU.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133563883\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [w001e8f3.dll] RUNDLL32.EXE w001e8f3.dll,I2 0009e4290001e8f3
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [lstat] c:\windows\system32\fthot.exe
O4 - HKLM\..\Run: [guarnset] C:\WINDOWS\system32\guarnset.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\hveuhdtm.dll",setvm
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/downloads/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O20 - Winlogon Notify: rqrqqqr - C:\WINDOWS\SYSTEM32\rqrqqqr.dll
O20 - Winlogon Notify: sstqq - C:\WINDOWS\system32\sstqq.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Trogan

Hi Sir Joe! That's what I wanted to see.

Please do the following...

1. Click Start > Run > type in appwiz.cpl and hit enter. From the list uninstall the following, if present:

ewido anti-malware <-- there is an updated version. We will download and install that later.

2. Need to scan a file:

• Go to VirusTotal
• Copy and paste the following file path into the Search Box at the top of the page:
  C:\WINDOWS\LMU.exe

[*]Click on the Send button
[*]Save a copy of the results and post them in your next reply.
Do the same for the following file:

c:\windows\system32\fthot.exe

3. Please download VundoFix.exe to your desktop.

• Double-click VundoFix.exe to run it.
• Click the Scan for Vundo button.
• Once it's done scanning, click the Remove Vundo button.
• You will receive a prompt asking if you want to remove the files, click YES
• Once you click yes, your desktop will go blank as it starts removing Vundo.
• When completed, it will prompt that it will reboot your computer, click OK.
• Please post the contents of C:\vundofix.txt, along with the results from the file scanner and a new HiJackThis log.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

Sir Joe

VirusTotal won't load for me for some reason.

VundoFix log

VundoFix V6.3.12

Checking Java version...

Java version is 1.4.2.5
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 3:42:11 PM 3/6/2007

Listing files found while scanning....

C:\WINDOWS\system32\awmyvotb.exe
C:\WINDOWS\system32\boqnwjlp.dll
C:\WINDOWS\system32\cwgmtfar.exe
C:\WINDOWS\system32\cygfclwk.exe
C:\WINDOWS\system32\dtyqjwpf.exe
C:\WINDOWS\system32\faofxwgc.dll
C:\WINDOWS\system32\froajjbi.exe
C:\WINDOWS\system32\gcanvtah.exe
C:\WINDOWS\system32\jkkiige.dll
C:\WINDOWS\system32\krrpuklp.dll
C:\WINDOWS\system32\kwecemof.exe
C:\WINDOWS\system32\lctdrrdy.exe
C:\WINDOWS\system32\mhimyjlw.exe
C:\WINDOWS\system32\nxknpngu.dll
C:\WINDOWS\system32\pojwkqqn.exe
C:\WINDOWS\system32\pxjrawcw.exe
C:\WINDOWS\system32\qqtss.bak1
C:\WINDOWS\system32\qqtss.bak2
C:\WINDOWS\system32\qqtss.ini
C:\WINDOWS\system32\qqtss.ini2
C:\WINDOWS\system32\rqrqqqr.dll
C:\WINDOWS\system32\rywnajnb.exe
C:\WINDOWS\system32\sstqq.dll
C:\WINDOWS\system32\syfddxjx.ini
C:\WINDOWS\system32\ulnhcisv.dll
C:\WINDOWS\system32\uwxrrluw.exe
C:\WINDOWS\system32\vrangiey.exe
C:\WINDOWS\system32\wjywmyca.dll
C:\WINDOWS\system32\wlhldvvq.exe
C:\WINDOWS\system32\xjemmbua.exe
C:\WINDOWS\system32\xjxddfys.dll
C:\WINDOWS\system32\ytsnikwf.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awmyvotb.exe
C:\WINDOWS\system32\awmyvotb.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\boqnwjlp.dll
C:\WINDOWS\system32\boqnwjlp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cwgmtfar.exe
C:\WINDOWS\system32\cwgmtfar.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\cygfclwk.exe
C:\WINDOWS\system32\cygfclwk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\dtyqjwpf.exe
C:\WINDOWS\system32\dtyqjwpf.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\faofxwgc.dll
C:\WINDOWS\system32\faofxwgc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\froajjbi.exe
C:\WINDOWS\system32\froajjbi.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\gcanvtah.exe
C:\WINDOWS\system32\gcanvtah.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkiige.dll
C:\WINDOWS\system32\jkkiige.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\krrpuklp.dll
C:\WINDOWS\system32\krrpuklp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kwecemof.exe
C:\WINDOWS\system32\kwecemof.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\lctdrrdy.exe
C:\WINDOWS\system32\lctdrrdy.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\mhimyjlw.exe
C:\WINDOWS\system32\mhimyjlw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\nxknpngu.dll
C:\WINDOWS\system32\nxknpngu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pojwkqqn.exe
C:\WINDOWS\system32\pojwkqqn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\pxjrawcw.exe
C:\WINDOWS\system32\pxjrawcw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qqtss.bak1
C:\WINDOWS\system32\qqtss.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\qqtss.bak2
C:\WINDOWS\system32\qqtss.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\qqtss.ini
C:\WINDOWS\system32\qqtss.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\qqtss.ini2
C:\WINDOWS\system32\qqtss.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\rqrqqqr.dll
C:\WINDOWS\system32\rqrqqqr.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\rywnajnb.exe
C:\WINDOWS\system32\rywnajnb.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\sstqq.dll
C:\WINDOWS\system32\sstqq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\syfddxjx.ini
C:\WINDOWS\system32\syfddxjx.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ulnhcisv.dll
C:\WINDOWS\system32\ulnhcisv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\uwxrrluw.exe
C:\WINDOWS\system32\uwxrrluw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\vrangiey.exe
C:\WINDOWS\system32\vrangiey.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\wjywmyca.dll
C:\WINDOWS\system32\wjywmyca.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wlhldvvq.exe
C:\WINDOWS\system32\wlhldvvq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xjemmbua.exe
C:\WINDOWS\system32\xjemmbua.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xjxddfys.dll
C:\WINDOWS\system32\xjxddfys.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ytsnikwf.exe
C:\WINDOWS\system32\ytsnikwf.exe Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\rqrqqqr.dll
C:\WINDOWS\system32\rqrqqqr.dll Has been deleted!

Performing Repairs to the registry.
Done!

Log for HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 9:21:05 PM, on 3/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\AOL\1133563883\ee\AOLSoftware.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
c:\program files\common files\aol\1133563883\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
c:\program files\common files\aol\1133563883\ee\aolsoftware.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trillian\trillian.exe
C:\bfu\HijackThis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://fast-finder.com/searchresults.asp?si=20061&k=
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {597D1BCA-E45A-44F2-93D7-0B1E0AF47E1F} - \
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: SDWin32 Class - {B03217B1-8C23-4ACB-AEE8-28E41E527A51} - C:\WINDOWS\system32\gvvkv.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C47A9554-195A-4769-9B13-04F15B450A39} - C:\WINDOWS\system32\rqrqqqr.dll (file missing)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\anhuxjmn.dll (file missing)
O2 - BHO: (no name) - {D8F6CD2B-21B3-470D-A317-07F9181267C1} - C:\WINDOWS\system32\sstqq.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [lmu] C:\WINDOWS\LMU.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133563883\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [w001e8f3.dll] RUNDLL32.EXE w001e8f3.dll,I2 0009e4290001e8f3
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [lstat] c:\windows\system32\fthot.exe
O4 - HKLM\..\Run: [guarnset] C:\WINDOWS\system32\guarnset.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\hveuhdtm.dll",setvm
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/downloads/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

Trogan

Hi Sir Joe!

Please do the following...

1. Make sure you can view hidden files and folders:

• Click Start.
• Open My Computer.
• Select the Tools menu and click Folder Options.
• Select the View Tab.
• Under the Hidden files and folders heading select Show hidden files and folders.
• Uncheck the Hide protected operating system files (recommended) option.
• Click Yes to confirm.
• Click OK.

2. Open HijackThis
- Click the Do a system scan only button
- Check the following entries (below)

O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com
O1 - Hosts: 207.68.172.246 msn.com

O2 - BHO: SDWin32 Class - {B03217B1-8C23-4ACB-AEE8-28E41E527A51} - C:\WINDOWS\system32\gvvkv.dll (file missing)
O2 - BHO: (no name) - {C47A9554-195A-4769-9B13-04F15B450A39} - C:\WINDOWS\system32\rqrqqqr.dll (file missing)
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\anhuxjmn.dll (file missing)
O2 - BHO: (no name) - {D8F6CD2B-21B3-470D-A317-07F9181267C1} - C:\WINDOWS\system32\sstqq.dll (file missing)

O4 - HKLM\..\Run: [lmu] C:\WINDOWS\LMU.exe
O4 - HKLM\..\Run: [w001e8f3.dll] RUNDLL32.EXE w001e8f3.dll,I2 0009e4290001e8f3
O4 - HKLM\..\Run: [lstat] c:\windows\system32\fthot.exe
O4 - HKLM\..\Run: [guarnset] C:\WINDOWS\system32\guarnset.exe
O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\system32\hveuhdtm.dll",setvm

- Close ALL open windows (especially Internet Explorer!)
- Click Fix Checked
Close HiajckThis

3. Find and delete the following Files in RED, if present:

C:\WINDOWS\LMU.exe
C:\WINDOWS\System32\w001e8f3.dll
C:\WINDOWS\system32\fthot.exe
C:\WINDOWS\system32\guarnset.exe
C:\WINDOWS\system32\hveuhdtm.dll

4. Reboot the computer and post a new HijackThis log.

We will clean up whatever is left in the next round.

Sir Joe

New HijackThis log

Logfile of HijackThis v1.99.1
Scan saved at 9:06:06 PM, on 3/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\AOL\1133563883\ee\AOLSoftware.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
c:\program files\common files\aol\1133563883\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
c:\program files\common files\aol\1133563883\ee\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\WINDOWS\system32\dlbxcoms.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Trillian\trillian.exe
C:\bfu\HijackThis\Scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://fast-finder.com/searchresults.asp?si=20061&k=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {597D1BCA-E45A-44F2-93D7-0B1E0AF47E1F} - \
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB002" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133563883\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/downloads/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

Thanks for the help so far!

Trogan

Log is clean. How is the computer?

Sir Joe

Working just fine. Thanks a ton. One last request. How do I remove Norton Antivirus? I got the trial when I first got my computer but it has run out and they keep wanting me to pay for the complete thing and the darn thing pops up every couple minutes saying my virus protection is out of date. The program doesn't show up on the Add/Remove Programs list. Thanks a ton.

Trogan

Hi Sir Joe!

The uninstall list, that you provided earlier, shows the following Norton entries:

LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus
Norton Internet Security
Norton WMI Update
Symantec Script Blocking Installer

Double check to make they are not present in Add/Remove programs. If you are certain they are not present, then download and run the Norton Removal Tool

Secondly, your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

• Download the latest version of Java Runtime Environment (JRE) 6 .
• Click the "Download" button to the right.
• Check the box that says: "Accept License Agreement."
• The page will refresh.
• Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel double-click on Add/Remove programs and remove the following...
  • J2SE Runtime Environment 5.0 Update 2
  • J2SE Runtime Environment 5.0 Update
  • Java 2 Runtime Environment, SE v1.4.2_05
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.

Let me know how it goes.

Sir Joe

All is well in my computer now! Huzzah! Thanks for all your patience and help.

Trogan

You're welcome!

This topic is now closed. If you wish it reopened, please send a Private Message (PM) to one of the Spyware Mods with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required.

If you are not the user who started this thread, you must start a new Thread instead

Would you also be interested to join Short-Media (Team #93) with the Folding@Home Project? More information available here