kahlmyishmael

I'm not certain if you wanted me to post the entire system32 files..and I'm a tad embarrassed to admit it-- i've never zipped a file in my life. You guys/gals have been very helpful though--so if I'm not performing something properly....please admonish me in the strictest terms. NORTON Internet stated it removed 55 registry entries...my computer had been running slow up to that point, but Norton got to it after about 30 minutes. I did not run any scan--- Norton just displayed an information screen informing me what it had done. My computer was still running slow.... both INTERNET and responding to non-Internet related commands(calling up files in the "My Documents"... I used CleanUp and cleaned my registry using WiseRegistry & RegSeeker). I'm 95% sure things are Okay and that I don't have any cooties in my system now. Nosirrah...if this is not what you wanted, please let me know... I will immediately comply with any future instructions HERE IS MY HiJackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:59:31 AM, on 11/16/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe C:\Program Files\Apoint\Apntex.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://*.wagerline.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1188144976515 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1188144953343 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Intel

Thank you very much for taking the time to respond. Regards, David

These 3 files were flagged by AboutBuster 6.07 C:\WINDOWS\system32\S32EVNT1.DLL C:\WINDOWS\system32\SymNeti.dll C:\WINDOWS\system32\SymRedir.dll 1) Are these files "malicious"? 2) Should I delete them?...If they are INDEED malicious BUT NOT to be deleted, could someone provide me with the hyperlink of a protocol of steps to follow to assist in their removal? Thank you, David