iexplore.exe and norton problem
Here are the logs:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 12/21/2008 at 03:25 AM
Application Version : 4.23.1006
Core Rules Database Version : 3680
Trace Rules Database Version: 1659
Scan type : Complete Scan
Total Scan Time : 00:36:34
Memory items scanned : 466
Memory threats detected : 1
Registry items scanned : 6021
Registry threats detected : 35
File items scanned : 82757
File threats detected : 132
Adware.Gudmun/Resident
C:\WINDOWS\SYSTEM32\GIGIJOMO.DLL
C:\WINDOWS\SYSTEM32\GIGIJOMO.DLL
Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}
HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}\InprocServer32
HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\CBXNGWXO.DLL
HKLM\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\JOPOKANO.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
HKU\S-1-5-21-2025429265-1957994488-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#SSODL
HKCR\CLSID\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\IIOVVU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KIORFPSB.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP796\A0074547.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP796\A0074548.DLL
Trojan.Vundo-Variant/NextGen
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63ebda50-477b-4c8d-a3e9-d8d0b3842888}
HKCR\CLSID\{63EBDA50-477B-4C8D-A3E9-D8D0B3842888}
HKCR\CLSID\{63EBDA50-477B-4C8D-A3E9-D8D0B3842888}\InprocServer32
HKCR\CLSID\{63EBDA50-477B-4C8D-A3E9-D8D0B3842888}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\SOWAWIBI.DLL
Browser Hijacker.MJCore
HKU\S-1-5-21-2025429265-1957994488-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D88E1558-7C2D-407A-953A-C044F5607CEA}
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\MJCORE\MJCORE.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP796\A0074528.DLL
Trojan.Unknown Origin
HKLM\Software\xpre
HKLM\Software\xpre#execount
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP782\A0073756.EXE
Adware.Vundo Variant/Rel
HKLM\SOFTWARE\Microsoft\contim
HKLM\SOFTWARE\Microsoft\contim#SysShell
HKLM\SOFTWARE\Microsoft\rdfa
HKLM\SOFTWARE\Microsoft\rdfa#F
HKLM\SOFTWARE\Microsoft\rdfa#N
Rogue.Component/Trace
HKLM\Software\Microsoft\A0FEB74D
HKLM\Software\Microsoft\A0FEB74D#a0feb74d
HKLM\Software\Microsoft\A0FEB74D#Version
HKLM\Software\Microsoft\A0FEB74D#a0fe1acd
HKLM\Software\Microsoft\A0FEB74D#a0fe7328
HKU\S-1-5-21-2025429265-1957994488-725345543-1004\Software\Microsoft\CS41275
HKU\S-1-5-21-2025429265-1957994488-725345543-1004\Software\Microsoft\FIAS4018
Trojan.Fake-Alert/Trace
HKU\S-1-5-21-2025429265-1957994488-725345543-1004\SOFTWARE\Microsoft\fias4013
Adware.Tracking Cookie
Adware.Vundo Variant
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CBXNGWXO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VYNBCDRK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XMLSOYVV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XSOBJD.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP796\A0074545.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP796\A0074550.DLL
Adware.Vundo/Variant-Greek
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP774\A0072216.EXE
Adware.Vundo/Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP774\A0072347.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP774\A0072349.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP774\A0072350.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP796\A0074546.DLL
Trojan.Unclassified
C:\SYSTEM VOLUME INFORMATION\_RESTORE{88A6FFAE-FFED-4C1E-A6FA-A2871855DB4F}\RP796\A0074532.EXE
Trojan.Dropper/Win-NV
C:\WINDOWS\SYSTEM32\NVAUX32.DLL
Trojan.Vundo-Variant/Small-GEN
C:\WINDOWS\SYSTEM32\VTULLBUO.DLL
Malwarebytes’ Anti-Malware 1.31
Database version: 1528
Windows 5.1.2600 Service Pack 2
2008-12-21 11:20:09 AM
mbam-log-2008-12-21 (11-20-09).txt
Scan type: Quick Scan
Objects scanned: 54098
Time elapsed: 2 minute(s), 37 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 11
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\zuyunado.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wetudave.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\gedogeye.dll (Trojan.Vundo.H) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4eb9a2b7-848b-40a8-9dd2-e940d47548c1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4eb9a2b7-848b-40a8-9dd2-e940d47548c1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63ebda50-477b-4c8d-a3e9-d8d0b3842888} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63ebda50-477b-4c8d-a3e9-d8d0b3842888} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a0fea5c3 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wutujezeho (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpma3cd965f (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\iiovvu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zuyunado.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\odanuyuz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wetudave.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\gedogeye.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\aston.mt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vizisida.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:27:45 PM, on 2008-12-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\xampp\apache\bin\apache.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\xampp\apache\bin\apache.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe
O2 – BHO: (no name) – {04F1B11C-3CFF-4F56-AEBE-FB848B71FAE9} – C:\WINDOWS\system32\ddccCrrO.dll (file missing)
O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\ssv.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 – BHO: (no name) – {BFDC21F1-4922-48CD-A8D2-CB0A3376B059} – C:\WINDOWS\system32\rqRJaBSj.dll (file missing)
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 – HKLM\..\Run: [EPSON Stylus CX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P26 "EPSON Stylus CX4800 Series" /O15 "IP_192.168.1.10" /M "Stylus CX4800"
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 – HKLM\..\Run: [Auto EPSON Stylus CX4800 Series (Network) on STUDY] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P50 "Auto EPSON Stylus CX4800 Series (Network) on STUDY" /O16 "\\STUDY\EPSONNET" /M "Stylus CX4800"
O4 – HKLM\..\Run: [Auto EPSON Stylus CX4800 Series on STUDY] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P40 "Auto EPSON Stylus CX4800 Series on STUDY" /O16 "\\STUDY\EPSONSty" /M "Stylus CX4800"
O4 – HKLM\..\Run: [Auto EPSON Stylus CX4800 Series on STUDY (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P49 "Auto EPSON Stylus CX4800 Series on STUDY (Copy 1)" /O34 "\\STUDY\EPSON Stylus CX4800 Series" /M "Stylus CX4800"
O4 – HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 – Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 – Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: AIM – {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} – C:\Program Files\AIM\aim.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra button: Walker Poker – {533caed3-32dd-436e-9e56-27e70d5190bb} – C:\Documents and Settings\Tsugomaru\Start Menu\Programs\Walker Poker\Walker Poker.lnk (HKCU)
O16 – DPF: {CEA3052D-65B9-44E2-A501-5E14024BC66F} (TricksterActiveX Control) – http://www.tricksteronline.com/contr…terActiveX.cab
O16 – DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) – http://www.tricksteronline.com/contr…tComponent.cab
O20 – Winlogon Notify: !SASWinLogon – C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: Apache2.2 – Apache Software Foundation – C:\xampp\apache\bin\apache.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – ALWIL Software – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) – CACE Technologies – C:\Program Files\WinPcap\rpcapd.exe
–
End of file – 6531 bytes