Need help removing Anykuy.com malware!!!!


dangel

I need help removing the malware anykuy.com from my computer. There's a fake warning sign on my task bar that keeps saying "Warning! You have a security problem" and a webpage keeps popping up for me to install the software.

Here's my Malwarebytes log:

Malwarebytes' Anti-Malware 1.34

Database version: 1752

Windows 6.0.6000

2/11/2009 8:03:32 PM

mbam-log-2009-02-11 (20-03-32).txt

Scan type: Quick Scan

Objects scanned: 65897

Time elapsed: 6 minute(s), 35 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 3

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 211

Files Infected: 23

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6ca49fdd-4aeb-4f08-a394-c0a1f82caa16} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b499d34e-58ef-4927-ab9f-7af52b2c4c82} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\program files\adwarealert\ (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Users\Diana\AppData\Roaming\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53 (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\1255.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\127.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\168.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\202.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\211.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\215.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\219.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\223.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\227.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\231.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\235.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\239.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\243.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\247.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\251.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\255.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\259.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\263.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\267.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\271.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\275.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\279.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\283.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\287.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\291.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\295.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\299.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\303.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\307.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\311.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\315.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\319.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\323.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\327.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\331.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\335.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\339.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\343.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\347.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\351.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\355.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\359.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\363.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\367.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\371.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\375.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\379.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\383.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\387.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\391.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\395.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\399.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\403.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\407.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\411.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\415.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\419.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\423.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\427.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\431.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\435.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\439.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\443.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\447.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\451.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\455.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\459.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\463.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\467.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\471.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\475.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\479.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\483.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\487.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\491.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\495.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\499.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\503.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\507.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\511.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\515.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\519.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\523.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\527.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\531.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\535.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\539.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\543.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\547.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\551.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\555.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\559.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\563.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\567.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\571.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\575.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\579.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\583.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\587.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\591.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\595.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\599.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\603.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\607.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\611.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\615.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\619.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\623.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\627.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\631.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\635.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\639.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\643.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\647.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\651.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\655.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\659.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\663.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\667.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\671.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\675.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\679.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\683.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\687.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\691.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\695.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\699.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\703.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\707.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\711.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\715.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\719.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\723.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\727.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\731.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\735.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\739.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\743.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\747.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\751.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\755.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\759.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\763.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\767.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\771.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\775.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\779.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\783.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\787.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\791.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\795.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\799.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\803.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\807.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\811.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\815.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\819.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\823.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\827.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\831.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\835.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\839.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\843.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\847.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\851.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\855.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\859.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\863.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\867.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\871.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\875.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\879.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\883.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\887.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\891.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\895.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\899.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\903.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\907.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\911.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\915.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\919.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\923.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\927.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\931.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\935.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\939.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\943.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\947.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\951.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\955.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\959.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\963.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\967.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\971.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\975.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\979.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\983.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\987.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\991.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\995.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Quarantine\23-10-2007-02-20-53\999.qit (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Registry Backups (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Settings (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\Image Add-on (Trojan.Zlob) -> Quarantined and deleted successfully.

Files Infected:

C:\Users\Diana\AppData\Roaming\AdwareAlert\DataBaseNew.ref (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\fp.dat (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\rs.dat (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Log\2007 Oct 30 - 10_13_09 AM_591.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Log\2007 Oct 30 - 10_14_09 AM_942.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Settings\CustomScan.stg (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Settings\IgnoreList.stg (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Settings\ScanInfo.stg (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Settings\ScanResults.stg (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Settings\SelectedFolders.stg (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Users\Diana\AppData\Roaming\AdwareAlert\Settings\Settings.stg (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 23 - 02_20_49 AM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 23 - 02_43_50 AM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 23 - 11_23_49 AM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 24 - 08_38_47 AM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 25 - 05_10_30 PM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 25 - 05_39_26 PM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 26 - 09_08_40 AM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 29 - 07_11_09 PM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\AdwareAlert\Log\2007 Oct 30 - 10_13_21 AM.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.

C:\Program Files\Image Add-on\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Image Add-on\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Windows\Tasks\AdwareAlert Scheduled Scan.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Here's my HijackThis log

Logfile of HijackThis v1.99.1

Scan saved at 2:55:19 PM, on 10/23/2007

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\AdwareAlert\AdwareAlert.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\HP Connections\6811507\Program\HP Connections.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Vongo\Tray.exe

C:\Windows\System32\mobsync.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll

O1 - Hosts: ::1 localhost

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: IE Custom Tools - {6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} - C:\Program Files\Image Add-on\ictmdl.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: HP Connections.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe

O4 - Global Startup: Vongo Tray.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O13 - Gopher Prefix:

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200705...ex/qtplugin.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: AdwareAlert Scanning Engine (AdwareAlertSrv) - Unknown owner - C:\Program Files\AdwareAlert\AdwareAlertSrv.srv.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

I also got this warning when I was scanning with HijackThis. I don't know if it's significant but here's a copy of the message anyway.

"An unexpected error has occurred at procedure: modMain_CheckOther1Item()

Error #75 - Path/File access error

Please email me at merijn@spywareinfo.com, reporting the following:

* What you were trying to fix when the error occurred, if applicable

* How you can reproduce the error

* A complete HijackThis scan log, if possible

Windows version: Windows NT 6.00.1904

MSIE version: 7.0.6000.16764

HijackThis version: 1.99.1

This message has been copied to your clipboard.

Click OK to continue the rest of the scan."

Thanks.


  • Root Admin

Please visit this webpage for instructions for downloading ComboFix to your DESKTOP: how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.

NOTE!!: You must save and run ComboFix.exe on your DESKTOP and not from any other folder.

Also, DO NOT click the mouse or launch any other applications while this is running or it may stall the program

Additional links to download the tool:

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should see a blue screen prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.
  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new HijackThis log so we may continue cleaning the system.


Ok. So, I installed ComboFix and followed the instructions step by step. It did remove that fake warning sign at the bottom of my taskbar but it might not be completely fixed. Here's a log of ComboFix and a NEW log of HijackThis.

Combofix log

ComboFix 09-02-12.03 - Diana 2009-02-12 15:24:35.1 - NTFSx86

Microsoft


  • Root Admin

What issues are you still having? The logs look okay right now.

Please remove Combofix and run an Anti-Virus scanner.

To uninstall ComboFix.exe
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.


Remove this folder C:\QooBox if the uninstall instructions don't work.

Then run this scanner.

Download to the desktop: Dr.Web CureIt

  • Double-click the drweb-cureit.exe file and allow it to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the "Scan"-tab, remove the mark at "Heuristic analysis".
  • Back at the main window, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can click next icon next to the files found (check.gif). If so, click it and then click the next icon right below and select Move incurable as you'll see in next image (move.gif). This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply with a new hijackthis log.