Jump to content

My HijackThis Log


Recommended Posts

Hello;

I am in serious need of help. I have tried to remove this trojan on my own but have completely failed at it.

Here is my HijackThis log file:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:24:06 AM, on 7/29/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Boot mode: Normal

Running processes:

F:\WINDOWS\System32\smss.exe

F:\WINDOWS\system32\winlogon.exe

F:\WINDOWS\system32\services.exe

F:\WINDOWS\system32\lsass.exe

F:\WINDOWS\system32\Ati2evxx.exe

F:\WINDOWS\system32\svchost.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE

F:\WINDOWS\system32\svchost.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe

F:\WINDOWS\system32\spoolsv.exe

F:\WINDOWS\Explorer.EXE

F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe

C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe

f:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE

f:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe

F:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

F:\WINDOWS\stsystra.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

F:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE

C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe

F:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE

f:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT.exe

F:\Program Files\Mozilla Thunderbird\thunderbird.exe

F:\Program Files\Mozilla Firefox\firefox.exe

F:\WINDOWS\system32\javaw.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

f:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe

f:\Program Files\Panda Software\Panda Internet Security 2007\avciman.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nickjr.com/

F2 - REG:system.ini: UserInit=F:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\userinit.exe,

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe

O4 - HKLM\..\Run: [APVXDWIN] "f:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "f:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - F:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: GEARSecurity - Unknown owner - F:\WINDOWS\System32\GEARSec.exe (file missing)

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: Panda Software Controller - Panda Software International - f:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - f:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - f:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe

O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - f:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - f:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - f:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - f:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe

--

End of file - 10573 bytes

Thanks, much appreciated.

Barbara

Link to post
Share on other sites

Hello Barbara and welcome to Malwarebytes. First I strongly advice you change any passwords for banking or other sensitive log ons and stay offline if possible until we rid you of these infections. Right now your PC is not safe.

Second you must chose one antivirus to run for real time protection. You have two Panda and Symantec and this is possibly how you got infected, although I can't be sure. You can keep them both and run one as a backup scanner but you will have problems if you have them both active at the same time.

Third, Print these instructions or save to a notepad file as you need to have all browsers closed and be off line.

Download SDFix by Andy Manchesta and save it to your Desktop.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double click SDFix.exe and it will extract the files to %systemdrive%

(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :

* Restart your computer

* After hearing your computer beep once during startup, but before the

Windows icon appears, tap the F8 key continually;

* Instead of Windows loading as normal, the Advanced Options Menu should

appear;

* Select the first option, to run Windows in Safe Mode, then press

Enter.

* Choose your usual account.

* Open the extracted SDFix folder and double click RunThis.bat to start

the script.

* Type Y to begin the cleanup process.

* It will remove any Trojan Services and Registry Entries that it finds

then prompt you to press any key to Reboot.

* Press any Key and it will restart the PC.

* When the PC restarts the Fixtool will run again and complete the

removal process then display Finished, press any key to end the script and

load your desktop icons.

* Once the desktop icons load the SDFix report will open on screen and

also save into the SDFix folder as Report.txt

(Report.txt will also be copied to Clipboard ready for posting back on

the forum).

* Finally paste the contents of the Report.txt back on the forum.

Fourth, please get this program install it, update and run a full system scan. Allow it to remove whatever it finds http://free.grisoft.com/doc/28415/lng/us/tpl/v5 .

Reboot and post a new HJT log. To be clear, you will post the SDFix log and the HJT log. They can be in separate posts since one will be done before you have run AVG. This also gives me a chance to review one and make assessments. Be patient and thorough these things can take time. Good luck. :D

Also please inform me if your symptoms have ceased, any changes good or bad. Details are important.

Link to post
Share on other sites

Reboot and post a new HJT log. To be clear, you will post the SDFix log and the HJT log. They can be in separate posts since one will be done before you have run AVG. This also gives me a chance to review one and make assessments. Be patient and thorough these things can take time. Good luck. :D

Also please inform me if your symptoms have ceased, any changes good or bad. Details are important.

Hello, Jean;

Thank you so much for the help and advice. I really appreciate it. :D

Here is the SDFix log. I'll post the new HJT log as soon as AVG is finished. As far as changes go -- I'm still getting pop-ups, but have installed "ad-block" and "no script" since I use Firefox, and although they haven't stopped the pop-ups, it's made a difference in that I've been able to block reoccurring addresses, etc.

SDFix:

SDFix: Version 1.94

Run by AYHM on Sun 07/29/2007 at 06:12 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: F:\SDFix

Safe Mode:

Checking Services:

Restoring Windows Registry Values

Restoring Windows Default Hosts File

Rebooting...

Normal Mode:

Checking Files:

No Trojan Files Found

Removing Temp Files...

ADS Check:

F:\WINDOWS

No streams found.

F:\WINDOWS\system32

No streams found.

F:\WINDOWS\system32\svchost.exe

No streams found.

F:\WINDOWS\system32\ntoskrnl.exe

No streams found.

Final Check:

Remaining Services:

------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"

"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"

"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"

"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"

"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"

"C:\\Program Files\\InternetCalls.com\\InternetCalls\\internetcalls.exe"="C:\\Program Files\\InternetCalls.com\\InternetCalls\\internetcalls.exe:*:Enabled:InternetCalls"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"

"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"

"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

Remaining Files:

---------------

Files with Hidden Attributes:

F:\Documents and Settings\AYHM\Desktop\icon\TextbookX.com shipment information for order [843111]\Thumbs.db

F:\Program Files\Shockwave.com\Thumbs.db

F:\IUPUI Online\Office XP Professional\MSDE2000\SQLRESLD.DLL

F:\i386\KGyGaAvL.sys

F:\WINDOWS\system32\C54E35E495.sys

F:\WINDOWS\system32\KGyGaAvL.sys

F:\Documents and Settings\AandA\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp

F:\Documents and Settings\AandA\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp

F:\Documents and Settings\AandA\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp

F:\Documents and Settings\AandA\Application Data\GTek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp

Finished

Once again, thanks so much. I'd be lost otherwise!

Barbara

Link to post
Share on other sites

What addresses were reoccurring? Have you ran RogueRemover? If not please do. You can use the link in my signature or at the top of this page for a free trial or get the free program.

Hi, Jean;

The AVG is still running the scan, so I will get the HJT log to you ASAP. The addresses I see most frequently are http://avsystemcare.com, http://login.tracking101.com, http://ad2profit.com/, http://publishers.xy7.com, www.wixawin.com, http://passion.com, and http://em.pc-on-internet.com.

As soon as AVG finishes, I'll run RogueRemover as well.

Barbara

Link to post
Share on other sites

Please post the AVG log also. Thanks.

Hi, Jean;

Here is the HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:24:02 PM, on 7/29/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Boot mode: Normal

Running processes:

F:\WINDOWS\System32\smss.exe

F:\WINDOWS\SYSTEM32\winlogon.exe

F:\WINDOWS\system32\services.exe

F:\WINDOWS\system32\lsass.exe

F:\WINDOWS\system32\Ati2evxx.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\system32\spoolsv.exe

F:\WINDOWS\Explorer.EXE

F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

F:\WINDOWS\stsystra.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

F:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

F:\WINDOWS\system32\ctfmon.exe

C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nickjr.com/

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [RogueMonitor] C:\Program Files\RogueRemover PRO\RogueRemoverPRO.exe /monitor

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Global Startup: Digital Line Detect.lnk = ?

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - F:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: GEARSecurity - Unknown owner - F:\WINDOWS\System32\GEARSec.exe (file missing)

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 9075 bytes

I removed Panda and installed the AVG program, but haven't been able to find a way to remove Symantec (not listed in the add/remove programs list and no uninstall files in the Symantec folder). I disabled Symantec and thought I had removed it when I installed Panda, but obviously not.

I had to reboot the computer to get back on the internet, since every time I turn off and on my modem, my computer refuses to go back online, so I missed your message to give you the AVG log as I'd turned off the modem while it was scanning. I went into AVG and pulled up the test results, which stated the following:

AVG Test Result

- General Properties

-- Report name: Complete test

-- Start time: 7/29/2007 7:44:46 PM

-- End time: 7/29/2007 10:04:44 PM (total: 2:19:56.8 hrs)

-- Launch method: Scanning launched manually

-- Scanning result: no threats found

-- Report status: scanning completed successfully

- Object Summary

-- Scanned: 360261

-- Threats found: 0

-- Cleaned: 0

-- Moved to vault: 0

-- Deleted: 0

-- Errors: 0

I've also run RogueRemover, and the results said, "RogueRemover did not detect any items". I've also run AVG Anti-Spyware, and these were the results (I had it delete everything it found):

---------------------------------------------------------

AVG Anti-Spyware - Scan Report

---------------------------------------------------------

+ Created at: 11:06:00 PM 7/29/2007

+ Scan result:

:mozilla.548:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.748:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.781:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.782:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.378:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.

:mozilla.379:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.

:mozilla.380:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.

:mozilla.545:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Cnn : Cleaned.

:mozilla.669:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.670:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.671:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.672:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.673:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.570:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.

:mozilla.571:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.

:mozilla.572:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.

:mozilla.502:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.909:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.910:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.197:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.470:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.471:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.879:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.

:mozilla.880:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.

:mozilla.156:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.

:mozilla.473:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.475:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.477:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.478:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.479:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.480:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.481:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.482:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

F:\Documents and Settings\AYHM\Cookies\ayhm@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.486:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.

:mozilla.487:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.

:mozilla.327:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.328:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.329:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.330:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.331:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.454:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.459:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.461:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.462:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.6:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.825:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.826:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.827:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.828:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.855:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.47:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.48:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.49:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.50:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.51:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.52:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.53:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.54:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.55:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.56:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.57:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.58:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.59:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

:mozilla.60:F:\Documents and Settings\AYHM\Application Data\Mozilla\Firefox\Profiles\jbvz3buw.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.

::Report end

Sorry for the incredibly long post, but I wanted to update you on all the actions I've taken so far.

Barbara

Link to post
Share on other sites

No need to apologize. I know how long they get. :D You need an anti virus program, if you thought you got rid of Symantec we will finish the job. It is notorious for not going away. I need to know what the program was though, then I can look on the Symantec site for an uninstaller.

Make sure you have the system set to show all files and folders

Click Start.

Open My Computer.

Select the Tools menu and click Folder Options.

Select the View Tab.

Under the Hidden files and folders heading select Show hidden files and folders.

Uncheck the Hide protected operating system files (recommended) option.

Click Yes to confirm.

Click OK.

Run HJT again and put a check next to these two items and then click fix.

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000

Then look for this file C:\Program Files\MSN Messenger\MsnMsgr.Exe /background and delete it.

http://siri.geekstogo.com/SmitfraudFix.php follow that link and the instructions on that page.

Let me know how it goes and everything you can about the Symantec so we can clean that up too and you can reinstall your Panda. You need a firewall. So you either need to reinstall that or use the Windows one and it isn't very good. have you looked in Add/Remove programs for anything related to Symantec?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.