Thread: Computer - especially IE running extremely slowly
View Single Post
Old 10-18-2005, 02:00 PM   #7 (permalink)
adaniel
Registered User
 
Join Date: Jun 2005
Posts: 83
OS: XP


kaspersky and hjt logs
Thanks tetonbob,

Here are the latest logs. The Kaspersky site did not seem to indicate wheteher it cleaned or not. The link we found was not called "launch Kaspersky Anti-Virus web Scanner", but otherwise it went according to your notes.

==============================

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, October 18, 2005 15:42:36
Operating System: Microsoft Windows 2000 Professional, Service Pack 4 (Build 2195)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 18/10/2005
Kaspersky Anti-Virus database records: 145536
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
R:\
S:\

Scan Statistics:
Total number of scanned objects: 41459
Number of viruses found: 17
Number of infected objects: 237
Number of suspicious objects: 14
Duration of the scan process: 2884 sec

Infected Object Name - Virus Name
C:\Account Settings\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/Information.zip/bxssacat.exe Suspicious: Password-protected-EXE
C:\Account Settings\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/Information.zip Suspicious: Password-protected-EXE
C:\Account Settings\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED Suspicious: Password-protected-EXE
C:\Account Settings\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED Suspicious: Password-protected-EXE
C:\Account Settings\Outlook Express\SPAM.dbx/[From SunTrust bank <supprefnum57515280271787@suntrust.com>][Date Tue, 02 Nov 2004 05:10:44 -0600]/UNNAMED/html Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Account Settings\Outlook Express\SPAM.dbx/[From SunTrust bank <supprefnum57515280271787@suntrust.com>][Date Tue, 02 Nov 2004 05:10:44 -0600]/UNNAMED Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Account Settings\Outlook Express\SPAM.dbx Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Account Settings\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED/email-info.zip/email-info.htm .scr Infected: Net-Worm.Win32.Mytob.bf
C:\Account Settings\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED/email-info.zip Infected: Net-Worm.Win32.Mytob.bf
C:\Account Settings\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED Infected: Net-Worm.Win32.Mytob.bf
C:\Account Settings\Outlook Express\Sent Items.dbx Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/Information.zip/bxssacat.exe Suspicious: Password-protected-EXE
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/Information.zip Suspicious: Password-protected-EXE
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED Suspicious: Password-protected-EXE
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\SPAM.dbx/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED Suspicious: Password-protected-EXE
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\SPAM.dbx/[From SunTrust bank <supprefnum57515280271787@suntrust.com>][Date Tue, 02 Nov 2004 05:10:44 -0600]/UNNAMED/html Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\SPAM.dbx/[From SunTrust bank <supprefnum57515280271787@suntrust.com>][Date Tue, 02 Nov 2004 05:10:44 -0600]/UNNAMED Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\SPAM.dbx Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED/email-info.zip/email-info.htm .scr Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED/email-info.zip Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\Tommy\Local Settings\Application Data\Identities\{7D69339C-90A6-4248-8BF2-A8B65CF575FA}\Microsoft\Outlook Express\Sent Items.dbx Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\Deleted Items.dbx/[From support@paypal.com <support@paypal.com>][Date Mon, 17 Oct 2005 23:23:43 +0200 (CEST)]/html Infected: Trojan-Spy.HTML.Paylap.fg
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Paylap.fg
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\SPAM.dbx/[From <cmcbroom@mindspring.com>][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/Information.zip/bxssacat.exe Suspicious: Password-protected-EXE
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\SPAM.dbx/[From <cmcbroom@mindspring.com>][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED/[From cmcbroom@mindspring.com][Date Mon, 22 Mar 2004 10:50:31 -0500]/Information.zip Suspicious: Password-protected-EXE
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\SPAM.dbx/[From <cmcbroom@mindspring.com>][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED/UNNAMED Suspicious: Password-protected-EXE
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\SPAM.dbx/[From <cmcbroom@mindspring.com>][Date Mon, 22 Mar 2004 10:50:31 -0500]/UNNAMED Suspicious: Password-protected-EXE
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\SPAM.dbx/[From "SunTrust bank" <supprefnum57515280271787@suntrust.com>][Date Tue, 02 Nov 2004 05:10:44 -0600]/UNNAMED/html Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\SPAM.dbx/[From "SunTrust bank" <supprefnum57515280271787@suntrust.com>][Date Tue, 02 Nov 2004 05:10:44 -0600]/UNNAMED Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\SPAM.dbx Infected: Trojan-Spy.HTML.Sunfraud.c
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED/email-info.zip/email-info.htm .scr Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED/email-info.zip Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\Sent Items.dbx/[From "Tommy Warren" <tswarren@person.net>][Date Tue, 7 Jun 2005 13:41:26 -0400]/UNNAMED Infected: Net-Worm.Win32.Mytob.bf
C:\Documents and Settings\twarren\Local Settings\Application Data\Identities\{704B3545-BEB4-4244-922F-ED3803351DB5}\Microsoft\Outlook Express\Sent Items.dbx Infected: Net-Worm.Win32.Mytob.bf
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\44384946 Infected: Email-Worm.Win32.Tanatos.b.dam
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\33060A97 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\33345665 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\33417E57 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\334B7C4C Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3C9B360D Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D58393C Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5AFD609D Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5F3055FE Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\288F3540 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\28E478E3 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\29051CBF Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\293C6681 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\29AF2404 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3C5B3F77 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3C72655E Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5E505618 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5E5D7E0A Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\77CD060C Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\07DC0260 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0D0D42A9 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\24835ED9 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\316F02A0 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4BDA2B8E Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4BEA7D7C Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5A447FB1 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\69682D08 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6E82476A Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6B552FC4 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6B934D80 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\72181C53 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3B914B78 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3BC9153B Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3C624A92 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D3A1DA5 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\79AA2F22 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\79B75714 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\79C15509 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\79C72902 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\22E441C4 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\25DD787F Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\25E77674 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\29691098 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3F7E764B Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\778E4699 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\78F5510E Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\790278FF Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\790C76F5 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\20C20542 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\20CC0337 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\327A53C2 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\32D24161 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3C7314C8 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\78C17022 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\78D14210 Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\78E43DFB Infected: Email-Worm.Win32.Sobig.f
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7B666A71 Infected: Email-Worm.Win32.Swen
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5E392740 Infected: Email-Worm.Win32.Tanatos.b.dam
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39DD276A Infected: Email-Worm.Win32.Tanatos.b.dam
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\770C31BF Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\60487A79 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0D8B5A59 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5C5050CE Infected: Trojan-Dropper.VBS.Inor.u
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\677B23A7 Infected: Trojan-Dropper.VBS.Inor.u
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\66F51511 Infected: Trojan-Dropper.VBS.Inor.u
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\512A1FE1 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\53452F90 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\55A74C03 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7AD54AC9 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1BFF4BB5 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6EFB14A2 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\75C63BB7 Infected: Email-Worm.Win32.NetSky.c
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6C3F2B91 Infected: Email-Worm.Win32.Dumaru.a
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\05CB2126 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\17B32FB5 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\47804918 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\088743D1 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7C0416B9 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\16B065A7 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\189953D2 Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18E06F83 Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\746E3BE6 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\748561CD Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\41124EB3 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\159E59A8 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0D16582F Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0D6447D9 Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\227909CA Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\239C59AD Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\23B62990 Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\23D74D6C/data.rtf .scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\23D74D6C Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\24181525 Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\44B06BD5 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\44F45D89 Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\45085974/details.txt .pif Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\45085974 Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1F9C1EEB Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\154B0044 Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\156F4E1C Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\157F200A/rymmxquc.exe Suspicious: Password-protected-EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\157F200A Suspicious: Password-protected-EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\15A043E6 Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\15AA41DB Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\15B43FD1/document.txt .exe Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\15B43FD1 Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6F0C757F/details.txt .pif Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6F0C757F Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6F191D70 Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6F231B66 Infected: Email-Worm.Win32.NetSky.j
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2AC6500D Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\45094001 Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1FD8305B.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\07A95A66.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\23835250.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2914074D.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A7E7BFF.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A984BE3.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7E7B47DB.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7CD962C3.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\319271E1.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0C0129C1.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\60223973.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\20F71CAA.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\22F82903.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\40FC5E89.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3AA76779.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\382B647D.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\322B0F58.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\54C2006C.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\352302A4.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3E481A93.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1DD26F20.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1E1A0AD1.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6EC67EE1.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\25A14BE8.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5706232B.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7D7D6EC0.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7EDC013A.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7F1774F9.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\35193581.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0AE9755A.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\74653AFC.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\50C417DD.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\73EC5050.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\540829B0.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\38995DDB.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3D5D12E3.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2A2E75B3.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3B73458C.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\12F853CA.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\147A2E22.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\739E2A93.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4FBA557E.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2FAB6DA0.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7538503A.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\07640F58.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\738D6574.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\15433CA3.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\103F6795.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\69F00AE2.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6D2167EB.hta Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6D7D7F86.hta Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6DD81721.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6E2A30C8.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2C767313.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6E8A17C8.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\431F47D8.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2888243F.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\03613FAE.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\00892517.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\496633C3.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7EC33753.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1E0347CA.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2ADD22C2.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7BF16819.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1D2B6463.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\03F11B3E.tmp Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\11CF191E.hta Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6EDA3300.tmp Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7B913702.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4427636A.chm/index.htm Infected: Trojan-Downloader.VBS.Psyme.ak
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4427636A.chm Infected: Trojan-Downloader.VBS.Psyme.ak
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1E852DF6.hta Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1F520314.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2534752B.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\26387254.tmp Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\26387254.htm Infected: Trojan.HTML.Qrap
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\263C1C51.htm Infected: Trojan.HTML.Qrap
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2642704A.hta Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0D756FDA.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7B4D6C1C.hta Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\7B6E0FF8.hta Infected: Trojan-Dropper.VBS.Zerolin
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2D122197.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\18B807B1.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6E374D52.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\16307479.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6DFA5F01.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\45A54B14.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0F535122.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\65DC0752.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4346707F.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\46DB068E.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4F8A79B6.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4FF23943.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\07662A3E.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1C0E42E7.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\10AE2A88.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\383675CF.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4E03257C.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\606954A8.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5E391B0B.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\219964E5.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2481088D.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3A0B5030.scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\08951BC2.scr Infected: Email-Worm.Win32.NetSky.q

Scan process completed.


===================================

Logfile of HijackThis v1.99.1
Scan saved at 2:14:22 PM, on 10/18/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\System32\pctspk.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\TightVNC\WinVNC.exe
C:\WINNT\System32\ZipToA.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SymTray.exe
C:\PROGRA~1\Adaptec\DirectCD\directcd.exe
C:\WINNT\system32\EXSHOW95.EXE
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINNT\system32\EXSHOW.EXE
C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINNT\system32\hpoipm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\hjt\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.esinc.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\Adaptec\DirectCD\directcd.exe
O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe -r
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI05E6~1\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1123871264226
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1124138123952
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Roxboro2.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Roxboro2.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Roxboro2.local
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\System32\IomegaAccess.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: W2K PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINNT\System32\pctspk.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe" -service (file missing)
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\System32\ZipToA.exe

===============================================

Thanks again,
adaniel
adaniel is offline