Forum Home
Press F1
Thread ID: 74057	2006-11-09 22:12:00	unable to install norton anti virus	Rater (11424)	Press F1

Post ID	Timestamp	Content	User
497846	2006-11-09 22:12:00	:badpc: I think I got hit with a virus or something. I had an old (2000) NAV corp and kept updating nightly but something got through. I uninstalled the old version and got NAV corp 10.0.0.359 but it will not install on any box that I have, win 98SE, 2k, & XP home. It gets nearly done then it removes everything and tells me that it did not install & try later....... a buddie told me to get hijack this but I don't know what is good or bad to fix. Can anyone help?? below is the hijack this log Logfile of HijackThis v1.99.1 Scan saved at 1:18:34 PM, on 11/9/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ObjectWorld\CallAttendant Pro\Bin\CAServer.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\BITWARE\NT\bwprnmon.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\WINDOWS\System32\svchost.exe C:\download\hack this\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [bwprnmon.exe] C:\BITWARE\NT\bwprnmon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CallAttendant Client.lnk = C:\Program Files\CallAttendant Client\Bin\CAMonitor.exe O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: CallAttendant Pro Service (CallAttendantPro) - Unknown owner - C:\Program Files\ObjectWorld\CallAttendant Pro\Bin\CAServer.exe I really don't want to format and start over HELP:waughh:	Rater (11424)
497847	2006-11-09 23:17:00	Hmm the log looks ok to me, but u can run HJT again tick these entries and tick fix checked. (Close browser/s first). O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll (file missing) I would also install a firewall. I would also install Spybot (www.spybot.info) and the detection updates. Then make sure Spybot is up to date and do a scan. Forget NAV. Uninstall it completely. Do a search on the Symantec for the uninstall tool. Hopefully, it removes all traces of it. Install something like AVG Free (free.grisoft.com) Or a free AV Program. And install a firewall like Zonealarm (www.zonelabs.com) (altho ZA isnt any better) Comodo (http://www.comodogroup.com/) or some other free firewall program.	Speedy Gonzales (78)
497848	2006-11-09 23:40:00	Is that call attendant VoIP?, you may what to disable that program for the install! - I think VoIP turns your PC into like a relay which the A/V program might not like. Also, make sure all previous traces of NAV are removed from the PC before new NAV install. Does the install log give any error message?	SolMiester (139)
497849	2006-11-10 02:13:00	Running a Dlink router locked down running in stealth according to GRC . com "shields Up" I fixed w/ hijack, went into regestry removed all symantec & norton, rebooted rechecked the regestry, installed Avira Antivir classic, scanned for viruses . The log reads ; Report file date: Thursday, November 09, 2006 17:19 Scanning for 552058 virus strains and unwanted programs . Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5 . 1 . 2600] Username: phantom Computer name: NEW-11-06 Version information: AVSCAN . EXE : 7 . 0 . 0 . 47 200744 8/21/2006 20:06:56 AVSCAN . DLL : 7 . 0 . 0 . 45 41000 9/7/2006 20:56:33 LUKE . DLL : 7 . 0 . 0 . 47 118824 9/7/2006 20:32:33 LUKERES . DLL : 7 . 0 . 0 . 47 9256 9/7/2006 20:56:33 ANTIVIR0 . VDF : 6 . 35 . 0 . 1 7371264 5/31/2006 20:35:27 ANTIVIR1 . VDF : 6 . 36 . 0 . 228 2062336 11/2/2006 01:16:49 ANTIVIR2 . VDF : 6 . 36 . 0 . 244 92672 11/7/2006 01:16:49 ANTIVIR3 . VDF : 6 . 36 . 1 . 11 54784 11/9/2006 01:16:49 AVEWIN32 . DLL : 7 . 2 . 0 . 39 1909248 11/10/2006 01:16:49 AVPREF . DLL : 7 . 0 . 0 . 2 23592 7/24/2006 22:36:04 AVREP . DLL : 6 . 36 . 1 . 1 925736 11/10/2006 01:16:49 AVRPBASE . DLL : 7 . 0 . 0 . 0 2162728 3/30/2006 18:43:31 AVPACK32 . DLL : 7 . 2 . 0 . 5 368680 11/10/2006 01:16:49 AVREG . DLL : 6 . 31 . 0 . 90 27688 7/28/2005 20:06:36 NETNT . DLL : 6 . 32 . 0 . 0 6696 9/27/2005 17:56:49 NETNW . DLL : 7 . 0 . 0 . 0 9768 7/24/2006 22:35:55 RCIMAGE . DLL : 7 . 0 . 0 . 74 1642536 8/1/2006 21:22:57 RCTEXT . DLL : 7 . 0 . 1 . 4 77864 11/10/2006 01:16:48 Configuration settings for the scan: Jobname . . . . . . . . . . . . . . . . . . . . . . . : Manual Selection Configuration file . . . . . . . . . . . . : C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder . avp Boot sectors . . . . . . . . . . . . . . . . . . : C Scan memory . . . . . . . . . . . . . . . . . . . : 1 Process scan . . . . . . . . . . . . . . . . . . : 1 Scan all files . . . . . . . . . . . . . . . . : 2 Scan archives . . . . . . . . . . . . . . . . . : 1 Recursion depth . . . . . . . . . . . . . . . : 20 Smart extensions . . . . . . . . . . . . . . : 1 Macro heuristic . . . . . . . . . . . . . . . : 1 File heuristic . . . . . . . . . . . . . . . . : 0 Primary action . . . . . . . . . . . . . . . . : 1 Secondary action . . . . . . . . . . . . . . : 0 Start of the scan: Thursday, November 09, 2006 17:19 The scan of running processes will be started 16 Processes were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry . The registry was scanned ( 19 files ) . Starting the file scan: C:\hiberfil . sys [WARNING] The file could not be opened! C:\pagefile . sys [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\ntuser . dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\ntuser . dat . LOG [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass . dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass . dat . LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser . dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser . dat . LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass . dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass . dat . LOG [WARNING] The file could not be opened! C:\Documents and Settings\phantom\ntuser . dat [WARNING] The file could not be opened! C:\Documents and Settings\phantom\ntuser . dat . LOG [WARNING] The file could not be opened! C:\Documents and Settings\phantom\Local Settings\Application Data\Microsoft\Windows\UsrClass . dat [WARNING] The file could not be opened! C:\Documents and Settings\phantom\Local Settings\Application Data\Microsoft\Windows\UsrClass . dat . LOG [WARNING] The file could not be opened! C:\download\previx\InstallPREVX102000337 . exe [0] Archive type: ACE SFX (self extracting) --> img\bins\2k_2k3_xp\lclbrk . cache . 2k [WARNING] Error creating the file --> img\bins\2k_2k3_xp\rksig . bin [WARNING] No further files can be extracted from this archive . The archive will be closed C:\WINDOWS\system32\config\Default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default . LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\Sam [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM . LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\Security [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY . LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\Software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software . LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\System [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system . LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\atapi . sys [WARNING] The file could not be opened! End of the scan: Thursday, November 09, 2006 17:50 Used time: 31:10 min The scan has been done completely . 5074 Scanning directories 270946 Files were scanned 0 viruses and/or unwanted programs were found 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 6916 Archives were scanned 27 Warnings 0 Notes uninstalled avira, rebooted and tried again to install NAV and near the end the progress bar went in reverse and ended with the message; "The wizard was interrupted before Symantec could be installed . Your system has not been modified . To complete installation at another time, please run setup again" reinstalled Antivir (cuz I need something) . rebooted and ran hijack . because of size the hijack log follows .	Rater (11424)
497850	2006-11-10 02:14:00	Logfile of HijackThis v1.99.1 Scan saved at 6:00:53 PM, on 11/9/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ObjectWorld\CallAttendant Pro\Bin\CAServer.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\BITWARE\NT\bwprnmon.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\download\hack this\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [bwprnmon.exe] C:\BITWARE\NT\bwprnmon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CallAttendant Client.lnk = C:\Program Files\CallAttendant Client\Bin\CAMonitor.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CallAttendant Pro Service (CallAttendantPro) - Unknown owner - C:\Program Files\ObjectWorld\CallAttendant Pro\Bin\CAServer.exe	Rater (11424)
497851	2006-11-10 02:27:00	Still looks ok to me. All you need now is a firewall of some kind. I would also get something like ccleaner (http://www.ccleaner.com/) so it removes all the temp files etc off the hdd.	Speedy Gonzales (78)
497852	2006-11-10 03:35:00	Logfile of HijackThis v1.99.1 Scan saved at 6:00:53 PM, on 11/9/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2900.2180) C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe You can't have 2 antiviruses. You need to get rid of this one before installing Nortons. Also make sure the registry is clean of any old Norton stuff first.	pctek (84)
1