
Spyware/Malware Assistance


  • This topic is locked
12 replies to this topic

#1 oRioN67466


Posted 31 May 2007 - 08:59 PM

Getting popups like Drive Cleaner, and the system is a bit sluggish. I would just like some more knowledgeable insight :D

Scanned with & In Following Order:

1. Panda ActiveScan
2. AVG Anti-Spyware 7.5
3. Spybot-Search and Destroy
4. Ad-Aware Pro
5. HiJackThis

Log Files:

The Panda ActiveScan log all jumbles together when it is posted on the forum. If it is needed, I can post it, or you can look at a screenshot here:
Posted Image

AVG


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:26:36 PM 31/05/2007

+ Scan result:



C:\WINDOWS\system32\jkkhhfd.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
[1324] C:\WINDOWS\system32\vtstt.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
[1736] C:\WINDOWS\system32\vtstt.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
[448] C:\WINDOWS\system32\vtstt.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Documents and Settings\LoGaN\Desktop\Nero v7.8.5.0 Micro (Final Release).rar/keymakers\keygen 2.exe -> Backdoor.Hupigon : Cleaned with backup (quarantined).


::Report end

Edited by oRioN67466, 31 May 2007 - 09:16 PM.


#2 oRioN67466

oRioN67466

    Member

  • Full Member
  • 6 posts

Posted 31 May 2007 - 09:04 PM

HIJACK THIS

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:34:26 PM, on 31/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG7\avgamsvr.exe
C:\PROGRA~1\AVG7\avgupsvc.exe
C:\PROGRA~1\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\PROGRA~1\AVG7\avgcc.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijack This\HiJackThis_v2.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2C9E26E8-E2BD-42CC-B0EA-A48E83CEB7EB} - C:\WINDOWS\system32\vtstt.dll
O2 - BHO: (no name) - {4AC7B9FF-1C0E-4B1F-8423-5294F981402C} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {6F6127CF-8748-4383-BA62-07F36B700B92} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9E93A147-E3F9-47AB-BAF0-915CCAAA7034} - C:\WINDOWS\system32\jkkhhfd.dll
O2 - BHO: (no name) - {CD3447D4-CA39-4377-8084-30E86331D74C} - C:\WINDOWS\system32\lukcnawl.dll
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\system32\pgxthqbh.dll",realset
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TrackerChecker] C:\Program Files\TrackerChecker\TrackerChecker.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F4721D-29BE-489E-B32D-7B30F03D31D8}: NameServer = 10.9.10.1
O20 - Winlogon Notify: jkkhhfd - C:\WINDOWS\SYSTEM32\jkkhhfd.dll
O20 - Winlogon Notify: mllmm - C:\WINDOWS\system32\mllmm.dll (file missing)
O20 - Winlogon Notify: vtstt - C:\WINDOWS\system32\vtstt.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe

--
End of file - 6139 bytes

#3 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • 23,523 posts

Posted 03 June 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,095 posts

Posted 05 June 2007 - 08:50 AM

Hello,

Print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.

Please download Atribune's VundoFix.exe from this site:
http://www.atribune.org/ccount/click.php?id=4 and place it on your desktop.

Double-click VundoFix.exe to run it.

Click the Scan for Vundo button.

Once it's done scanning, click the Remove Vundo button.

You will receive a prompt asking if you want to remove the files,
click YES


Once you click yes, your desktop will go blank as it starts removing
Vundo.


When completed, it will prompt that it will reboot your computer,
click OK.


=*=

Disable AdWatch:
Please disable AdWatch, as it may hinder the removal of some entries. You can re-enable it after you're clean.
To disable AdWatch:
  • Open AdAware SE.
  • Go to AdWatch User Interface.
  • Go to Tools and Preferences.
    At the bottom of the screen you will see 2 options: Active and Automatic.
  • Active : This will turn Ad-Watch On\Off without closing it
  • Automatic : Suspicious activity will be blocked automatically
  • Uncheck both options. You can enable these after resolving your problem.
After all of the fixes are complete it is very important that you enable AdWatch again.


Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

O2 - BHO: (no name) - {2C9E26E8-E2BD-42CC-B0EA-A48E83CEB7EB} - C:\WINDOWS\system32\vtstt.dll
O2 - BHO: (no name) - {4AC7B9FF-1C0E-4B1F-8423-5294F981402C} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {6F6127CF-8748-4383-BA62-07F36B700B92} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9E93A147-E3F9-47AB-BAF0-915CCAAA7034} - C:\WINDOWS\system32\jkkhhfd.dll
O2 - BHO: (no name) - {CD3447D4-CA39-4377-8084-30E86331D74C} - C:\WINDOWS\system32\lukcnawl.dll
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\system32\pgxthqbh.dll",realset
O20 - Winlogon Notify: jkkhhfd - C:\WINDOWS\SYSTEM32\jkkhhfd.dll
O20 - Winlogon Notify: mllmm - C:\WINDOWS\system32\mllmm.dll (file missing)
O20 - Winlogon Notify: vtstt - C:\WINDOWS\system32\vtstt.dll


Click on Fix Checked when finished and exit HijackThis.

Please set your system to show all files.
To delete the files/folders in the next steps, you may need to show hidden Files/Folders: How to.
At the end of the fix you can return the files to hidden status if you want.


Delete these files/folders in bold if found.

Files
C:\WINDOWS\system32\vtstt.dll
C:\WINDOWS\system32\jkkhhfd.dll
C:\WINDOWS\system32\lukcnawl.dll
C:\WINDOWS\system32\pgxthqbh.dll


Folder
C:\Program Files\Storm Codec\


Restart the computer normally to reset the registry.

Enable AdWatch.

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and allow it to run the express scan.
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can click next icon next to the files found: Posted Image
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    Posted Image
    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply. You can use Notepad to open the DrWeb.csv report.


Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Let me know what problems persist.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#5 oRioN67466

oRioN67466

    Member

  • Full Member
  • 6 posts

Posted 05 June 2007 - 07:39 PM

hey nasdaq! first off, thank you for taking time out of your life to help me :D

I did what you suggested, I actually ran VundoFix before you suggested it, but I will post the log:

VundoFix Log

VundoFix V6.4.2

Checking Java version...

Java version is 1.5.0.11

Scan started at 7:28:46 PM 04/06/2007

Listing files found while scanning....

C:\WINDOWS\system32\hbqhtxgp.ini
C:\WINDOWS\system32\jkkhhfd.dll
C:\WINDOWS\system32\lukcnawl.dll
C:\WINDOWS\system32\mllmm.dll
C:\WINDOWS\system32\mmllm.ini
C:\WINDOWS\system32\pgxthqbh.dll
C:\WINDOWS\system32\ttstv.bak2
C:\WINDOWS\system32\ttstv.ini
C:\WINDOWS\system32\ttstv.ini2
C:\WINDOWS\system32\vtstt.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\hbqhtxgp.ini
C:\WINDOWS\system32\hbqhtxgp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkhhfd.dll
C:\WINDOWS\system32\jkkhhfd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lukcnawl.dll
C:\WINDOWS\system32\lukcnawl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mmllm.ini
C:\WINDOWS\system32\mmllm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pgxthqbh.dll
C:\WINDOWS\system32\pgxthqbh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttstv.bak2
C:\WINDOWS\system32\ttstv.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttstv.ini
C:\WINDOWS\system32\ttstv.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttstv.ini2
C:\WINDOWS\system32\ttstv.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtstt.dll
C:\WINDOWS\system32\vtstt.dll Has been deleted!

Performing Repairs to the registry.
Done!


DrWeb Log

A0077202.exe;H:\System Volume Information\_restore{13FB124C-4BC0-4ADD-B427-53B4EBBFF5B0}\RP234;Program.mIRC.611;Incurable.Moved.;


HJT Log - FURTHER UPDATED ONE BELOW


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:00:22 PM, on 05/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG7\avgamsvr.exe
C:\PROGRA~1\AVG7\avgupsvc.exe
C:\PROGRA~1\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG7\avgcc.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijack This\HiJackThis_v2.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4AC7B9FF-1C0E-4B1F-8423-5294F981402C} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {6F6127CF-8748-4383-BA62-07F36B700B92} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TrackerChecker] C:\Program Files\TrackerChecker\TrackerChecker.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F4721D-29BE-489E-B32D-7B30F03D31D8}: NameServer = 10.9.10.1
O20 - Winlogon Notify: mllmm - C:\WINDOWS\system32\mllmm.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe

--
End of file - 5659 bytes



according to Spybot and VundoFix I'm clean, and according to AVG antispyware's quick scan I'm clean, and according to Adaware SE, I had two cases of Virtumonde, one was a VundoFix backup, and one was quarantined

ArchiveData(Virtumonde June 5 2007.bckp)
Referencefile : SE1R174 04.06.2007
======================================================

VIRTUMONDE

obj[0]=File : C:\System Volume Information\_restore{4F1E0E9E-6260-4A42-90D6-5460F78F0899}\RP60\A0034914.dll


is there anything that they are missing?



here is a more up to date HJT log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:43:48 PM, on 05/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG7\avgupsvc.exe
C:\PROGRA~1\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG7\avgcc.exe
C:\Program Files\uTorrent\utorrent.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe
C:\Program Files\Hijack This\HiJackThis_v2.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TrackerChecker] C:\Program Files\TrackerChecker\TrackerChecker.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F4721D-29BE-489E-B32D-7B30F03D31D8}: NameServer = 10.9.10.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe

--
End of file - 5550 bytes



let me know what I should do next, and thank you once again for your time and support.
-orion


Edit once again, I did a KASPERSKY ONLINE SCAN, I can post the log of that if you wish, it says it found 41 infected files, but it's a liar. ;)

Edited by oRioN67466, 05 June 2007 - 10:12 PM.


#6 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,095 posts

Posted 06 June 2007 - 07:39 AM

Print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.

Nice work, just some clean up to do.

Disable AdWatch:
Please disable AdWatch, as it may hinder the removal of some entries. You can re-enable it after you're clean.
To disable AdWatch:
  • Open AdAware SE.
  • Go to AdWatch User Interface.
  • Go to Tools and Preferences.
    At the bottom of the screen you will see 2 options: Active and Automatic.
  • Active : This will turn Ad-Watch On\Off without closing it
  • Automatic : Suspicious activity will be blocked automatically
  • Uncheck both options. You can enable these after resolving your problem.
After all of the fixes are complete it is very important that you enable AdWatch again.


Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {4AC7B9FF-1C0E-4B1F-8423-5294F981402C} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {6F6127CF-8748-4383-BA62-07F36B700B92} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)
O20 - Winlogon Notify: mllmm - C:\WINDOWS\system32\mllmm.dll (file missing)


Click on Fix Checked when finished and exit HijackThis.

Restart the computer normally to reset the registry.

Submit a fresh HijackThis log. Let me know what problem remains.
nasdaq

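
The cross-checking behind the two fix lists above can be done mechanically. This is an added example, not part of the original thread and not HijackThis's or the helper's own logic: it parses HijackThis entries, flags those that reference a file a scanner already detected or that point at a missing file, and reports which fix-list entries a later log still lists. The function names and triage rules are assumptions made for the example; the sample lines are excerpted from the logs posted in this thread.

```python
import re
from typing import NamedTuple

# HijackThis prefixes each entry with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2})\s+-\s+(.+)$")
# Suffix HijackThis appends when the entry's target file is not on disk.
ORPHAN_RE = re.compile(r"\s*\((?:file missing|no file)\)\s*$", re.IGNORECASE)
# File names inside an entry body: a last path component ending in .dll or .exe.
FILE_RE = re.compile(r'[^\\"\s,]+\.(?:dll|exe)', re.IGNORECASE)


class Entry(NamedTuple):
    section: str  # e.g. "O2", "O20"
    body: str     # text after the "Oxx - " prefix

    @property
    def orphaned(self) -> bool:
        return ORPHAN_RE.search(self.body) is not None

    @property
    def key(self) -> tuple:
        # Same registry entry regardless of path case or a later "(file missing)".
        return (self.section, ORPHAN_RE.sub("", self.body).lower())


def parse_log(text: str) -> list:
    """Return the R/F/N/O entries of a HijackThis log, skipping all other lines."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2).strip()))
    return entries


def triage(entries, flagged_files):
    """Pair each suspicious entry with the reasons it was flagged (assumed rules)."""
    flagged = {name.lower() for name in flagged_files}
    findings = []
    for e in entries:
        reasons = []
        hits = sorted({f.lower() for f in FILE_RE.findall(e.body)} & flagged)
        if hits:
            reasons.append("references scanner-flagged file: " + ", ".join(hits))
        if e.orphaned:
            reasons.append("target file is missing")
        if e.section == "O2" and "bho: (no name)" in e.body.lower():
            reasons.append("nameless BHO")
        if reasons:
            findings.append((e, reasons))
    return findings


def still_listed(fix_list: str, later_log: str) -> list:
    """Fix-list entries that a later log still lists."""
    later = {e.key for e in parse_log(later_log)}
    return [e for e in parse_log(fix_list) if e.key in later]


# File names reported in this thread by AVG Anti-Spyware and VundoFix.
FLAGGED_BY_SCANNERS = ["vtstt.dll", "jkkhhfd.dll", "lukcnawl.dll", "mllmm.dll", "pgxthqbh.dll"]

# Excerpt of the 31 May log posted in this thread.
LOG_31_MAY = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2C9E26E8-E2BD-42CC-B0EA-A48E83CEB7EB} - C:\WINDOWS\system32\vtstt.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\system32\pgxthqbh.dll",realset
O20 - Winlogon Notify: jkkhhfd - C:\WINDOWS\SYSTEM32\jkkhhfd.dll
O20 - Winlogon Notify: mllmm - C:\WINDOWS\system32\mllmm.dll (file missing)
"""

# The fix list from the 06 June post above.
FIX_LIST_6_JUNE = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {4AC7B9FF-1C0E-4B1F-8423-5294F981402C} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {6F6127CF-8748-4383-BA62-07F36B700B92} - C:\WINDOWS\system32\mllmm.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)
O20 - Winlogon Notify: mllmm - C:\WINDOWS\system32\mllmm.dll (file missing)
"""

# Excerpt of the log saved at 5:31:40 PM on 06/06/2007, posted later in this thread.
LOG_6_JUNE = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
"""

if __name__ == "__main__":
    for entry, reasons in triage(parse_log(LOG_31_MAY), FLAGGED_BY_SCANNERS):
        print(f"{entry.section:>3}  {entry.body}\n     -> {'; '.join(reasons)}")
    for entry in still_listed(FIX_LIST_6_JUNE, LOG_6_JUNE):
        print("still listed:", entry.section, entry.body)
```
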

#7 oRioN67466

oRioN67466

    Member

  • Full Member
  • 6 posts

Posted 06 June 2007 - 03:39 PM

Thanks nasdaq!


It Found and fixed
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)



Fresh Log


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:31:40 PM, on 06/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG7\avgupsvc.exe
C:\PROGRA~1\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG7\avgcc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Hijack This\HiJackThis_v2.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TrackerChecker] C:\Program Files\TrackerChecker\TrackerChecker.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F4721D-29BE-489E-B32D-7B30F03D31D8}: NameServer = 10.9.10.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe

--
End of file - 5383 bytes

#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,095 posts

Posted 07 June 2007 - 08:06 AM

Print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.

Items still present.

Disable AdWatch:
Please disable AdWatch, as it may hinder the removal of some entries. You can re-enable it after you're clean.
To disable AdWatch:
  • Open AdAware SE.
  • Go to AdWatch User Interface.
  • Go to Tools and Preferences.
    At the bottom of the screen you will see 2 options: Active and Automatic.
  • Active: This will turn Ad-Watch On\Off without closing it.
  • Automatic: Suspicious activity will be blocked automatically.
  • Uncheck both options. You can enable these after resolving your problem.
After all of the fixes are complete it is very important that you enable AdWatch again.

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)


Click on Fix Checked when finished and exit HijackThis.

Restart the computer to reset the registry. <- important.

Enable AdWatch.

Submit a fresh HijackThis log for my review.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760
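The fix-and-recheck step in the post above can be verified mechanically. The following is an added example, not part of the original thread and not HijackThis code: it parses HijackThis entry lines, lists entries marked "(file missing)", and confirms that the entries selected for fixing are gone from a fresh log. The function names and the shortened sample logs are assumptions built from lines in this thread.

```python
import re

# A HijackThis entry line is "<section id> - <detail>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<detail>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"

# Constructed samples: a few lines taken from the two logs in this thread.
BEFORE_LOG = r"""Running processes:
C:\WINDOWS\Explorer.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {8271CA74-C773-4E45-B8E8-CC0AE545E2E5} - C:\WINDOWS\system32\vtstt.dll (file missing)
O2 - BHO: (no name) - {D09EDC73-3457-452A-BAAF-2DC1BB1ABF6A} - C:\WINDOWS\system32\vtstt.dll (file missing)
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
"""
AFTER_LOG = r"""Running processes:
C:\WINDOWS\Explorer.EXE

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
"""

def _key(section, detail):
    """Comparison key: ignore case and the '(file missing)' suffix."""
    if detail.endswith(MISSING):
        detail = detail[: -len(MISSING)]
    return section, detail.strip().lower()

def parse_entries(log_text):
    """Return entry dicts; header and 'Running processes' lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        clsid = CLSID_RE.search(m["detail"])
        entries.append({"section": m["section"], "detail": m["detail"],
                        "clsid": clsid.group(0).upper() if clsid else None,
                        "orphaned": m["detail"].endswith(MISSING)})
    return entries

def orphaned_entries(log_text):
    """Entries whose registry key survives but whose target file is gone."""
    return [e for e in parse_entries(log_text) if e["orphaned"]]

def still_present(fix_list, fresh_log_text):
    """Entries from fix_list that a fresh log still contains."""
    fresh = {_key(e["section"], e["detail"]) for e in parse_entries(fresh_log_text)}
    return [e for e in fix_list if _key(e["section"], e["detail"]) in fresh]
```

An empty result from `still_present` corresponds to the "log is clean" outcome; an entry that reappears after the restart means something is re-creating the registry key.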

#9 oRioN67466

oRioN67466

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 08 June 2007 - 12:22 PM

Hey, they were fixed on last scan, but after it auto generated a log file, I didn't have anything you mentioned above :D

still, here is a fresh log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2:20:09 PM, on 08/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG7\avgupsvc.exe
C:\PROGRA~1\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\PROGRA~1\AVG7\avgcc.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Hijack This\HiJackThis_v2.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TrackerChecker] C:\Program Files\TrackerChecker\TrackerChecker.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F4721D-29BE-489E-B32D-7B30F03D31D8}: NameServer = 10.9.10.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe

--
End of file - 5116 bytes

#10 nasdaq

Posted 08 June 2007 - 02:15 PM

Nice work, your log is clean.

Please read this Prevention page with lots of info and tips on how to prevent this in the future.

http://users.telenet.be/bluepatchy/miekiemoes/prevention.html


nasdaq


#11 oRioN67466

Posted 08 June 2007 - 02:47 PM

hey nasdaq!

Thank you very much for taking the time to help me, I really appreciate it and it is very kind of you :)

Thank you from Nova Scotia

-oRioN

#12 nasdaq

Posted 09 June 2007 - 06:40 AM

Glad we could help.
nasdaq


#13 nasdaq

Posted 20 June 2007 - 08:00 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq




