Symantec dropping the rootkit on you
I have used Symantec Security Check in the past. It is a tool to look for virii and back doors along with exploits. What it wasn't telling you was it also has been installing an on-line threat of its own in the form of a dangerous ActiveX control. "The ActiveX control, named Symantec RuFSI Utility Class or Symantec RuFSI Registry Information Class, contains a buffer overflow exploit," the company says, though we're nearly certain they mean that it's exploitable, not that it's actually been infected with something. The easiest way to get rid of the dangerous ActiveX control that security experts Symantec have planted on your machine is to visit the Security Check Web page again, submit to the security check once more, and allow them to install a much better one in its place, which they are now prepared to do or you can go to a DOS prompt and delete the file rufsi.dll from the %Windir%\Downloaded Program Files. Story found on Security Focus