Sparx Posted December 8, 2007 ID:10725 Share Posted December 8, 2007 For the past couple weeks my computer has been fairly slow when i'm trying to play games. Also on my email that i haven't given out to anybody, two people have messaged me knowing my name / where i live and my hobbies. Now i could understand this if i gave it out to someone, but i haven't given it to ANYBODY. Thanks for help.Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 6:57:34 PM, on 12/7/2007Platform: Windows XP SP2 (WinNT 5.01.2600)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exeC:\Program Files\OneStepSearch\onestep.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\msiexec.exeC:\WINDOWS\Explorer.EXEC:\Program Files\OneStepSearch\onestep.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\WINDOWS\system32\LVCOMSX.EXEC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\wuauclt.exeC:\Documents and Settings\Alex\Desktop\HiJackThis_v2.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhostO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exeO4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXEO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startupO4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenterO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exeO23 - Service: Intel Link to post Share on other sites More sharing options...
JeanInMontana Posted December 9, 2007 ID:10736 Share Posted December 9, 2007 Hi Sparx and welcome to Malwarebytes. Please get rid of the Beta version of HiJack This you are running and follow the directions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 Link to post Share on other sites More sharing options...
Sparx Posted December 10, 2007 Author ID:10764 Share Posted December 10, 2007 Alright here goes,AVG Anti-Spyware - Scan Report--------------------------------------------------------- + Created at: 1:29:08 PM 12/9/2007 + Scan result: C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP31\A0007061.exe -> Adware.Relevant : Cleaned.C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP41\A0009392.exe -> Downloader.Small : Cleaned with backup (quarantined).C:\RECYCLER\S-1-5-21-64350572-820396247-2137321259-1005\Dc464\oswdvaz118.exe -> Not-A-Virus.Adware.OneStep : Cleaned.C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP31\A0007062.dll -> Not-A-Virus.Adware.OneStep : Cleaned.C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP31\A0007063.exe -> Not-A-Virus.Adware.OneStep : Cleaned.C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP31\A0007081.exe -> Not-A-Virus.Adware.RK : Cleaned.C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP31\A0006342.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned.:mozilla.131:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.132:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.133:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.134:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.135:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.136:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.137:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.138:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.139:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.140:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.141:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.142:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.143:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.144:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.145:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.146:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.147:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.148:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.474:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.489:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.:mozilla.729:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@pandasoftware.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.:mozilla.294:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.:mozilla.295:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.:mozilla.296:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.:mozilla.101:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.102:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.103:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.104:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.105:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.106:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.107:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.112:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.:mozilla.123:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.:mozilla.124:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.:mozilla.125:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.:mozilla.126:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.:mozilla.127:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.:mozilla.17:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.:mozilla.951:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.:mozilla.955:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.:mozilla.796:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.:mozilla.797:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.:mozilla.798:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.:mozilla.397:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.398:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.399:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.400:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.401:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.402:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.403:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.404:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.405:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.406:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.:mozilla.722:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.:mozilla.19:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.:mozilla.311:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.:mozilla.312:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.:mozilla.313:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.:mozilla.314:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.:mozilla.315:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.:mozilla.316:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.:mozilla.114:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.115:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.116:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.117:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.118:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.119:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.120:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.121:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.122:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.:mozilla.432:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.:mozilla.601:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.:mozilla.882:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.:mozilla.391:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.:mozilla.392:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.:mozilla.393:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.:mozilla.608:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.:mozilla.730:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.:mozilla.373:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.:mozilla.374:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.:mozilla.13:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.:mozilla.443:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.:mozilla.7:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.:mozilla.9:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.:mozilla.366:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.:mozilla.367:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.:mozilla.368:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.:mozilla.91:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.:mozilla.92:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.:mozilla.93:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.:mozilla.755:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.:mozilla.860:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Overture : Cleaned.:mozilla.334:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.335:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.336:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.343:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.344:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.345:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.346:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.347:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.348:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.:mozilla.363:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.:mozilla.364:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.C:\Documents and Settings\Alex\Cookies\alex@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.:mozilla.464:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Real : Cleaned.:mozilla.723:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.:mozilla.724:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.:mozilla.725:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.:mozilla.726:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.:mozilla.242:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.251:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.252:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.253:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.254:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.255:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.256:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.257:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.805:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.:mozilla.604:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.:mozilla.605:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.:mozilla.606:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.:mozilla.607:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.:mozilla.258:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.:mozilla.259:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.:mozilla.260:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.:mozilla.261:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.:mozilla.262:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.:mozilla.263:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.:mozilla.264:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.:mozilla.756:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.:mozilla.757:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.:mozilla.758:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.:mozilla.218:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.219:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.220:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.221:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.222:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.223:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.224:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.225:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.226:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.227:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.228:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.229:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.230:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.231:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.232:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.233:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.234:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.235:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.236:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.237:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.:mozilla.108:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.:mozilla.109:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.:mozilla.110:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.:mozilla.111:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.:mozilla.113:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.:mozilla.98:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.:mozilla.791:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.:mozilla.503:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.:mozilla.504:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.:mozilla.505:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.:mozilla.506:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.:mozilla.507:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.:mozilla.508:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.:mozilla.509:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.:mozilla.76:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.:mozilla.518:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.:mozilla.774:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.:mozilla.209:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.:mozilla.210:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.:mozilla.211:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.:mozilla.212:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.:mozilla.213:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.:mozilla.214:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.:mozilla.215:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.:mozilla.349:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.:mozilla.350:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.:mozilla.351:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.:mozilla.352:C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.::Report endIncident Status Location Dialer:dialer.su Not disinfected hkey_local_machine\software\microsoft\windows\currentversion\uninstall\Switch Adware:adware/savenow Not disinfected Windows Registry Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.atdmt.com/] Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.advertising.com/] Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.did-it.com/] Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.statcounter.com/] Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.adultfriendfinder.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.apmebf.com/] Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.ads.pointroll.com/] Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.zedo.com/] Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.casalemedia.com/] Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.com.com/] Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[server.iad.liveperson.net/] Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.toplist.cz/] Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.azjmp.com/] Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.trafficmp.com/] Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.atwola.com/] Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.realmedia.com/] Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.hotlog.ru/] Spyware:Cookie/Smartadserver Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.smartadserver.com/] Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[statse.webtrendslive.com/] Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.burstnet.com/] Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.perf.overture.com/] Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.bfast.com/] Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\w23wmptz.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Alex\Cookies\alex@adultfriendfinder[2].txt Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Alex\Cookies\alex@atwola[1].txt Adware:Adware/SaveNow Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0TUV0P23\upgrade[1].cab[upgrade.exe][onestep.exe] Virus:Eicar.Mod Not disinfected C:\Program Files\Trend Micro\Internet Security 12\tmhelp.chm[/PCC12/Test_virus.htm] Adware:Adware/ClockSync Not disinfected C:\RECYCLER\S-1-5-21-64350572-820396247-2137321259-1005\Dc464\VVSNInst.exe Adware:Adware/SaveNow Not disinfected C:\WINDOWS\Temp\ONE49.tmp\upgrade.exe[onestep.exe] Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:58:26 PM, on 12/9/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exeC:\Program Files\OneStepSearch\onestep.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\WINDOWS\system32\LVCOMSX.EXEC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\OneStepSearch\onestep.exeC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\Windows Live\Messenger\usnsvc.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\WINDOWS\system32\NOTEPAD.EXER1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhostO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exeO4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXEO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimizedO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startupO4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenterO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exeO23 - Service: Intel Link to post Share on other sites More sharing options...
JeanInMontana Posted December 11, 2007 ID:10813 Share Posted December 11, 2007 Please download this file: http://downloads.andymanchesta.com/RemovalTools/SDFix.exe' rel="external nofollow">SDFix.exe * Open the extracted SDFix folder and double click RunThis.bat to start the script. * Type Y to begin the cleanup process. * It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. * Press any Key and it will restart the PC. * When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. * Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the forum). * Finally paste the contents of the Report.txt back on the forum.Reboot your system in Normal Mode. Then post the SDFix log and a new HJT log please. Link to post Share on other sites More sharing options...
Sparx Posted December 13, 2007 Author ID:10867 Share Posted December 13, 2007 SDFix: Version 1.118Run by Alex on Wed 12/12/2007 at 07:47 AMMicrosoft Windows XP [Version 5.1.2600]Running From: C:\DOCUME~1\Alex\MYDOCU~1\SDFixSafe Mode:Checking Services: Restoring Windows Registry ValuesRestoring Windows Default Hosts FileRebooting...Normal Mode:Checking Files: No Trojan Files FoundRemoving Temp Files...ADS Check:C:\WINDOWSNo streams found. C:\WINDOWS\system32No streams found. C:\WINDOWS\system32\svchost.exeNo streams found.C:\WINDOWS\system32\ntoskrnl.exeNo streams found. Final Check:catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2007-12-12 07:53:13Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ...IPC error: 2 The system cannot find the file specified.scanning hidden services & system hive ...scanning hidden registry entries ...scanning hidden files ...scan completed successfullyhidden processes: 0hidden services: 0hidden files: 0Remaining Services:------------------Authorized Application Key Export:[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL""C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL""C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL""C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe""C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe""C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe""C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe""C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger""C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)""C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger""C:\\Documents and Settings\\Alex\\Local Settings\\Temp\\~os22.tmp\\ossproxy.exe"="C:\\Documents and Settings\\Alex\\Local Settings\\Temp\\~os22.tmp\\ossproxy.exe:*:Enabled:ossproxy.exe""C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes""C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe""C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe""C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe""C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe""C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL""C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL""C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL""C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger""C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)""C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"Remaining Files:---------------Files with Hidden Attributes:Mon 5 Nov 2007 8 A..H. --- "C:\Documents and Settings\Alex\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"Mon 5 Nov 2007 8 A..H. --- "C:\Documents and Settings\Alex\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"Mon 5 Nov 2007 8 A..H. --- "C:\Documents and Settings\Alex\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"Mon 12 Nov 2007 8 A..H. --- "C:\Documents and Settings\Alex\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"Fri 16 Nov 2007 8 A..H. --- "C:\Documents and Settings\Alex\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u5\lock.tmp" Link to post Share on other sites More sharing options...
JeanInMontana Posted December 13, 2007 ID:10882 Share Posted December 13, 2007 You didn't finish the process. You need to reboot and post a HJT log. Link to post Share on other sites More sharing options...
Sparx Posted December 14, 2007 Author ID:10913 Share Posted December 14, 2007 Sorry about that did it just before i headed to bed, thanks again for all the help,Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:14:56 PM, on 12/13/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exeC:\Program Files\OneStepSearch\onestep.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\OneStepSearch\onestep.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\WINDOWS\system32\LVCOMSX.EXEC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\WINDOWS\eHome\ehmsas.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhostO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exeO4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXEO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimizedO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startupO4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenterO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exeO23 - Service: Intel Link to post Share on other sites More sharing options...
JeanInMontana Posted December 14, 2007 ID:10932 Share Posted December 14, 2007 OK we need to get rid of One Step. Look in Add/Remove programs for it.O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Program Files\OneStepSearch\onestep.exeThe bold part of the line above shows the file path where it is located, delete that file after you uninstall it and put a check next to that line in HJT and this one below:O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)Then click fix and exit HJT. Reboot and post a new log. Let me know how things are running for you. Link to post Share on other sites More sharing options...
Sparx Posted December 15, 2007 Author ID:10957 Share Posted December 15, 2007 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:19:21 AM, on 12/15/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\WINDOWS\stsystra.exeC:\WINDOWS\system32\dllhost.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\WINDOWS\system32\LVCOMSX.EXEC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\WINDOWS\eHome\ehmsas.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\PROGRA~1\Grisoft\AVG7\avgw.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\msiexec.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhostO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exeO4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeO4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exeO4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXEO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimizedO4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startupO4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenterO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exeO23 - Service: Intel Link to post Share on other sites More sharing options...
JeanInMontana Posted December 16, 2007 ID:10997 Share Posted December 16, 2007 So how are things running? Your feedback is very important in this process. Link to post Share on other sites More sharing options...
Sparx Posted December 28, 2007 Author ID:11294 Share Posted December 28, 2007 Everything looks better, no more weird emails and computer is running faster. Thanks! Link to post Share on other sites More sharing options...
JeanInMontana Posted December 28, 2007 ID:11300 Share Posted December 28, 2007 We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many of these infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenol. Keep Spybot Search & Destroy and always immunize when you update. You will also need at least one other scanning program AVG is good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use.A firewall and antivirus are also essential. The Windows firewall in XP is not sufficient.Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan.SpywareBlaster from Javacool SoftwareWinPatrol by BillPStudios SiteHound by FireTrustRogueRemoverhpHostsFor an excellent list of reliable free firewalls and antivirus programs see here Since this appears resolved I will close the topic to prevent others from posting into it. If you need it reopned just PM any Moderator. Note: the fixes in this topic are for this system only. Applying them to your system can cause severe damage and result in utter system failure. If you need help start your own topic and someone will be happy to assist you Link to post Share on other sites More sharing options...
Recommended Posts