• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
    • Budfred

      PLEASE READ - Reversing upgrade   02/23/2017

      We have found that this new upgrade is somewhat of a disaster.  We are finding lots of glitches in being able to post and administer the forum.  Additionally, there are new costs associated with the upgrade that we simply cannot afford.  As a result, we have decided to reverse course and go back to the previous version of our software.  Since this will involve restoring it from a backup, we will lose posts that have been added since January 30 or possibly even some before that.    If you started a topic during that time, we urge you to make backups of your posts and you will need to start the topics over again after the change.  You can simply paste the copies of your posts that you created at that point.    If you joined the forum this month, you will need to re-register since your membership will be lost along with the posts.  Since you have a concealed password, we cannot simply restore your membership for you.   We are going to backup as much as we can so that it will reduce inconvenience for our members.  Unfortunately we cannot back everything up since much will be incompatible with the old version of our software.  We apologize for the confusion and regret the need to do this even though it is not viable to continue with this version of the software.   We plan to begin the process tomorrow evening and, if it goes smoothly, we shouldn't be offline for very long.  However, since we have not done this before, we are not sure how smoothly it will go.  We ask your patience as we proceed.
Sign in to follow this  
Followers 0
cappri

Hijacked Browser & Other Issues

15 posts in this topic

For the past few weeks my web browsers (Mozilla & IE, latest versions) have lost certain functionalities.

 

Whenever I receive e-mails or try to visit sites like J. Crew and Anthropologie, my browser either fails to display the images on the page or the entire page itself. Instead, it automatically redirects to other pages, some URLs being:

 

thumbdom.net

hotproductz.com

freeloadmp3.com

ThisPageIsNotAvailable.com

Eromans.com

SheMaleShow.net

 

etc

 

Also, my browser/computer can no longer play .wmv videos from the internet

 

Finally, though I'm not sure if this arises from a mal/spyware problem, but I've noticed that my System Restore never successfully completes whenever I try to restore it to an earlier checkpoint. It always says that it cannot restore to its previous configuration. Is this a Windows difficulty and could this somehow be linked to a virus/malware?

 

Norton has detected a low/medium risk threat

Ewido/AVG has detected a high risk threat: Trojan.DNSChanger.ih

 

I followed the instructions in the FAQ. I ran Ad-Aware, Spybot, Ewido, HijackThis, and plan to run one or two more of the recommended online scanners while I wait for a reply.

 

Here are my Ewido and HijackThis logs:

 

**This is actually a cut down log, because the original (which I can send if needed) was about 20mb and 10 million characters (2000+ pages in Word) and had alot of redundant lines...w/ a digit or 2 between similar lines.

---------------------------------------------------------

AVG Anti-Spyware - Scan Report

---------------------------------------------------------

+ Created at: 9:22:52 PM 6/10/2007

 

+ Scan result:

 

:mozilla.203:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.247realmedia : Cleaned.

:mozilla.212:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.247realmedia : Cleaned.

:mozilla.231:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.247realmedia : Cleaned.

:mozilla.6:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.

:mozilla.10:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.179:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.181:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.190:C:\RECYCLER\NPROTECT\01154700.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.205:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.210:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.364:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.373:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.392:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.7:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.8:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.9:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.108:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.110:C:\RECYCLER\NPROTECT\01158985.MOZ -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.70:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.80:C:\RECYCLER\NPROTECT\01158623.MOZ -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.90:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT\01158331.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.20:C:\RECYCLER\NPROTECT\01158332.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.30:C:\RECYCLER\NPROTECT\01158311.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.45:C:\RECYCLER\NPROTECT\01158747.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.50:C:\RECYCLER\NPROTECT\01158747.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.60:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.78:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.80:C:\RECYCLER\NPROTECT\01158985.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.9:C:\RECYCLER\NPROTECT\01158331.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT\01158925.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.20:C:\RECYCLER\NPROTECT\01158303.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.32:C:\RECYCLER\NPROTECT\01156452.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.40:C:\RECYCLER\NPROTECT\01158623.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.48:C:\RECYCLER\NPROTECT\01154745.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.51:C:\RECYCLER\NPROTECT\01158747.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.61:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.6:C:\RECYCLER\NPROTECT\01158358.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.7:C:\RECYCLER\NPROTECT\01158352.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.103:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Bridgetrack : Cleaned.

:mozilla.110:C:\RECYCLER\NPROTECT\01156983.MOZ -> TrackingCookie.Bridgetrack : Cleaned.

:mozilla.120:C:\RECYCLER\NPROTECT\01158834.MOZ -> TrackingCookie.Bridgetrack : Cleaned.

:mozilla.137:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Bridgetrack : Cleaned.

:mozilla.140:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Bridgetrack : Cleaned.

:mozilla.577:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.

:mozilla.141:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Burstnet : Cleaned.

:mozilla.150:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Burstnet : Cleaned.

:mozilla.170:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Burstnet : Cleaned.

:mozilla.664:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.

:mozilla.69:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.

:mozilla.70:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.

:mozilla.299:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.300:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.310:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.327:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.330:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.11:C:\RECYCLER\NPROTECT\01158331.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.20:C:\RECYCLER\NPROTECT\01157017.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.31:C:\RECYCLER\NPROTECT\01158365.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.40:C:\RECYCLER\NPROTECT\01158303.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.50:C:\RECYCLER\NPROTECT\01158617.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.60:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.74:C:\RECYCLER\NPROTECT\01158831.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.7:C:\RECYCLER\NPROTECT\01156219.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.80:C:\RECYCLER\NPROTECT\01158884.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.94:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.110:C:\RECYCLER\NPROTECT\01158617.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.111:C:\RECYCLER\NPROTECT\01158623.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.117:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.117:C:\RECYCLER\NPROTECT\01158747.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.118:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.120:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.130:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.140:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.

:mozilla.150:C:\RECYCLER\NPROTECT\01156983.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.160:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.16:C:\RECYCLER\NPROTECT\01158800.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.170:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.180:C:\RECYCLER\NPROTECT\01157002.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.181:C:\RECYCLER\NPROTECT\01154700.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.193:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.200:C:\RECYCLER\NPROTECT\01158985.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.221:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.23:C:\RECYCLER\NPROTECT\01158819.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.31:C:\RECYCLER\NPROTECT\01158848.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.372:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.380:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.390:C:\RECYCLER\NPROTECT\01154700.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.400:C:\RECYCLER\NPROTECT\01156409.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.401:C:\RECYCLER\NPROTECT\01154700.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.40:C:\RECYCLER\NPROTECT\01158884.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.410:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.41:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.56:C:\RECYCLER\NPROTECT\01156216.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.60:C:\RECYCLER\NPROTECT\01156983.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.71:C:\RECYCLER\NPROTECT\01158770.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.80:C:\RECYCLER\NPROTECT\01158831.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.91:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.107:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Fastclick : Cleaned.

:mozilla.110:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Fastclick : Cleaned.

:mozilla.111:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Fastclick : Cleaned.

:mozilla.120:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Fastclick : Cleaned.

:mozilla.141:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Fastclick : Cleaned.

:mozilla.183:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.192:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.211:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.214:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.678:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.227:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Hitbox : Cleaned.

:mozilla.230:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Hitbox : Cleaned.

:mozilla.240:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Hitbox : Cleaned.

:mozilla.255:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Hitbox : Cleaned.

:mozilla.262:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Hitbox : Cleaned.

:mozilla.216:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.270:C:\RECYCLER\NPROTECT\01158623.MOZ -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.280:C:\RECYCLER\NPROTECT\01156409.MOZ -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.295:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Imrworldwide : Cleaned.

:mozilla.243:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Mediaplex : Cleaned.

:mozilla.252:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Mediaplex : Cleaned.

:mozilla.271:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Mediaplex : Cleaned.

:mozilla.176:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Netflame : Cleaned.

:mozilla.180:C:\RECYCLER\NPROTECT\01158770.MOZ -> TrackingCookie.Netflame : Cleaned.

:mozilla.190:C:\RECYCLER\NPROTECT\01158884.MOZ -> TrackingCookie.Netflame : Cleaned.

:mozilla.204:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Netflame : Cleaned.

:mozilla.452:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.

:mozilla.121:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Overture : Cleaned.

:mozilla.131:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Overture : Cleaned.

:mozilla.150:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Overture : Cleaned.

:mozilla.110:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.21:C:\RECYCLER\NPROTECT\01158770.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.35:C:\RECYCLER\NPROTECT\01158782.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.43:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.50:C:\RECYCLER\NPROTECT\01158867.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.69:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.701:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.

:mozilla.71:C:\RECYCLER\NPROTECT\01159105.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.95:C:\RECYCLER\NPROTECT\01159138.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.29:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.30:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.

:mozilla.356:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Pointroll : Cleaned.

:mozilla.360:C:\RECYCLER\NPROTECT\01158617.MOZ -> TrackingCookie.Pointroll : Cleaned.

:mozilla.370:C:\RECYCLER\NPROTECT\01154700.MOZ -> TrackingCookie.Pointroll : Cleaned.

:mozilla.384:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Pointroll : Cleaned.

:mozilla.390:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Pointroll : Cleaned.

:mozilla.111:C:\RECYCLER\NPROTECT\01158867.MOZ -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.126:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.130:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.373:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.91:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.104:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Realmedia : Cleaned.

:mozilla.110:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Realmedia : Cleaned.

:mozilla.397:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.

:mozilla.66:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Realmedia : Cleaned.

:mozilla.70:C:\RECYCLER\NPROTECT\01156983.MOZ -> TrackingCookie.Realmedia : Cleaned.

:mozilla.80:C:\RECYCLER\NPROTECT\01158795.MOZ -> TrackingCookie.Realmedia : Cleaned.

:mozilla.90:C:\RECYCLER\NPROTECT\01158867.MOZ -> TrackingCookie.Realmedia : Cleaned.

:mozilla.159:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Revsci : Cleaned.

:mozilla.160:C:\RECYCLER\NPROTECT\01158617.MOZ -> TrackingCookie.Revsci : Cleaned.

:mozilla.170:C:\RECYCLER\NPROTECT\01156427.MOZ -> TrackingCookie.Revsci : Cleaned.

:mozilla.187:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Revsci : Cleaned.

:mozilla.190:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Revsci : Cleaned.

:mozilla.409:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.410:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.

:mozilla.206:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.207:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.208:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.209:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.210:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.220:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.234:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.240:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.25:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.447:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.451:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.

C:\Documents and Settings\Kathleen Li\Cookies\kathleen li@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.

:mozilla.140:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Tacoda : Cleaned.

:mozilla.150:C:\RECYCLER\NPROTECT\01154745.MOZ -> TrackingCookie.Tacoda : Cleaned.

:mozilla.160:C:\RECYCLER\NPROTECT\01158848.MOZ -> TrackingCookie.Tacoda : Cleaned.

:mozilla.170:C:\RECYCLER\NPROTECT\01159105.MOZ -> TrackingCookie.Tacoda : Cleaned.

:mozilla.178:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Tacoda : Cleaned.

:mozilla.458:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.460:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.

C:\Documents and Settings\Kathleen Li\Cookies\kathleen li@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.

:mozilla.103:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.491:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.59:C:\RECYCLER\NPROTECT\01154668.MOZ -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.60:C:\RECYCLER\NPROTECT\01156219.MOZ -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.70:C:\RECYCLER\NPROTECT\01158623.MOZ -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.81:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.13:C:\RECYCLER\NPROTECT\01158891.MOZ -> TrackingCookie.Webtrends : Cleaned.

:mozilla.25:C:\RECYCLER\NPROTECT\01159136.MOZ -> TrackingCookie.Webtrends : Cleaned.

:mozilla.44:C:\RECYCLER\NPROTECT\01159138.MOZ -> TrackingCookie.Webtrends : Cleaned.

:mozilla.619:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.

:mozilla.7:C:\RECYCLER\NPROTECT\01158925.MOZ -> TrackingCookie.Webtrends : Cleaned.

:mozilla.383:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Webtrendslive : Cleaned.

:mozilla.392:C:\RECYCLER\NPROTECT\01158821.MOZ -> TrackingCookie.Webtrendslive : Cleaned.

:mozilla.411:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Webtrendslive : Cleaned.

:mozilla.296:C:\RECYCLER\NPROTECT\01158608.MOZ -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.300:C:\RECYCLER\NPROTECT\01158623.MOZ -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.310:C:\RECYCLER\NPROTECT\01154700.MOZ -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.324:C:\RECYCLER\NPROTECT\01159126.MOZ -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.561:C:\Documents and Settings\Kathleen Li\Application Data\Mozilla\Firefox\Profiles\urf9ooay.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

[232] VM_00DE0000 -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).

[256] VM_00CC0000 -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).

[796] VM_00A30000 -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).

 

 

::Report end

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 9:26:42 PM, on 6/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe

C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe

C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\system32\USBMonit.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\Trend Micro\Tmas\Tmas.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\iTunes\iTunes.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Kathleen Li\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll

R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe @@@Start

O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe

O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\USBMonit.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll

O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk

O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1153333258947

O17 - HKLM\System\CCS\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{314AD573-BD2E-454D-BAB9-5B9F7378D9E4}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{4B825E89-8A7C-4CFB-9EC4-D426B3C4B2FE}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{C9F661B3-6040-4EDB-96F5-B292F9C7E214}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{DF4EDCF0-1E48-4AFA-9BC2-BDC3E8

E5F434}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122

O17 - HKLM\System\CS1\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

--

End of file - 17156 bytes

Edited by cappri

Share this post


Link to post
Share on other sites

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

 

Thank you for your patience.

 

[this is an automated reply]

Share this post


Link to post
Share on other sites

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

 

Please download FixWareout from this site:

http://downloads.subratam.org/Fixwareout.exe

 

Save it to your desktop and run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

 

When your system reboots, follow the prompts. Afterwards, HijackThis will launch. Please click Scan, and check the following items:

 

O17 - HKLM\System\CCS\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{314AD573-BD2E-454D-BAB9-5B9F7378D9E4}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{4B825E89-8A7C-4CFB-9EC4-D426B3C4B2FE}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{C9F661B3-6040-4EDB-96F5-B292F9C7E214}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\..\{DF4EDCF0-1E48-4AFA-9BC2-BDC3E8

E5F434}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122

O17 - HKLM\System\CS1\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122

 

Click Fix Checked. Close HijackThis, and click OK to proceed.

 

At the end of the fix, you need to restart your computer again.

 

Note:

If you have problems with your internet connection after this fix, try this.

Please go to Start -> Control Panel, and choose Network Connections. Then right click on your default connection, usually Local Area Connection or Dial-up Connection if you are using Dial-up, and left click on properties. Double-click on the Internet Protocol (TCP/IP) item and select the radio button that says Obtain DNS servers automatically. Click OK twice, and restart your computer.

 

If the O17 remains or you still have difficulties in getting to a site, Flush the DSN.

Go start > run type cmd and hit OK

type

ipconfig /flushdns <-- (The space between g and / is needed)

 

Then hit Enter, type Exit, hit Enter

 

Finally, please post the contents of the logfile C:\fixwareout\report.txt, along with a new HijackThis log.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this Topic is closed.

 

[Reopened]

 

Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites

cappri

 

I'm listening. Submit a fresh HijackThis log and let me know what problem remains.

 

Before you do submit your log, update HijackThis.

 

Please do the following to download and install the latest version of HijackThis v2.0.2:

 

CLICK HERE to download the HijackThis Installer:

  1. Save HJTInstall.exe to your desktop.
  2. Double-click on HJTInstall.exe to run the program.
  3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
  4. Accept the license agreement by clicking the "I Accept" button.
  5. Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
  6. Click "Save log" to save the log file and then the log will open in Notepad.
  7. Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
  8. Come back here to this thread and paste the log in your next reply.
  9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

Delete the older version once you have successfully downloaded and installed the latest version.

Share this post


Link to post
Share on other sites

Hello,

 

Thank you so much for your rapid response!

 

I stumbled upon my thread while I was searching for solutions to my old problem.

Whenever I ran AVG 7.5 (Ewido), a Trojan.DNSChanger.ih would always show up, no matter how many scans I ran. I googled it and through some other solutions I cleaned the registry NameServer and Dhcp entries. I also ran the Fixit.exe that you provided, as well as HJT as you requested.

 

Though I can now view sites that were once hijacked (i.e. Jcrew.com, anthropologie.com), I'm still not sure that my computer is virus free.

Also, I'm still having problems viewing .wmv files from the web.

My computer also has trouble ending some processes, even when I specifically go into the task manager and try to shut them down there. When these processes hang, my computer takes a very long time to shut down.

 

»»»»»Prerun check

HKLM\SOFTWARE\~\Winlogon\ "System"="kdety.exe"

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

"nameserver"="85.255.115.35 85.255.112.122" <Value cleared.

 

 

»»»»» Postrun check

HKLM\SOFTWARE\~\Winlogon\ "system"=""

....

....

»»»»» Misc files.

....

»»»»» Checking for older varients.

....

»»»»» Other

C:\WINDOWS\Temp\kdety.ren 63454 08/04/2004

 

»»»»» Current runs (hklm hkcu "run" Keys Only)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"

"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""

"SonyPowerCfg"="C:\\Program Files\\Sony\\VAIO Power Management\\SPMgr.exe"

"IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe"

"ISBMgr.exe"="C:\\Program Files\\Sony\\ISB Utility\\ISBMgr.exe"

"VAIO Update 2"="\"C:\\Program Files\\Sony\\VAIO Update 2\\VAIOUpdt.exe\" /Stationary"

"AppMon Utility"="C:\\Program Files\\Sony\\AppMonUtil\\AppMonUtility.exe @@@Start"

"Switcher.exe"="C:\\Program Files\\Sony\\Wireless Switch Setting Utility\\Switcher.exe"

"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""

"VAIOCameraUtility"="\"C:\\Program Files\\Sony\\VAIO Camera Utility\\VCUServe.exe\""

"VAIO Recovery"="C:\\WINDOWS\\Sonysys\\VAIO Recovery\\PartSeal.exe"

"DeadAIM"="rundll32.exe \"C:\\PROGRA~1\\AIM\\\\DeadAIM.ocm\",ExportedCheckODLs"

"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"

"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"

"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

"PartSeal"="C:\\WINDOWS\\Sonysys\\VAIO Recovery\\PartSeal.exe"

"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"

"Gene USB Monitor"="C:\\WINDOWS\\system32\\USBMonit.exe"

"Symantec PIF AlertEng"="\"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\PIFSvc.exe\" /a /m \"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\AlertEng.dll\""

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"

"googletalk"="\"C:\\Program Files\\Google\\Google Talk\\googletalk.exe\" /autostart"

....

Hosts file was reset, If you use a custom hosts file please replace it

»»»»» End report »»»»»

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 5:34:06 PM, on 8/14/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe

C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe

C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\system32\USBMonit.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\Trend Micro\Tmas\Tmas.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Kathleen Li\HiJackThis_v2.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe @@@Start

O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe

O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\USBMonit.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll

O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk

O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1153333258947

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

--

End of file - 16020 bytes

 

 

Thank you!!!

Edited by cappri

Share this post


Link to post
Share on other sites

Hi,

 

Nothing suspicious was found on your log. I can only suggest that you get the latest Java version.

 

Updating Java

  • Download the latest version of Java Runtime Environment (JRE) 6u2.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    • Java 2 Runtime Environment, SE v1.4.2
    • J2SE Runtime Environment 5.0
    • J2SE Runtime Environment 5.0 Update 6

    [*]Click the Remove or Change/Remove button.

    [*]Repeat as many times as necessary to remove each Java versions. <- important.

    [*]Reboot your computer once all Java components are removed.

    [*]Then from your desktop double-click on jre-6u2-windows-i586-p.exe to install the newest version.

Share this post


Link to post
Share on other sites

Hi, thank you for your response.

 

Thank you for the suggestion to upgrade Java. I would, except my college has asked us not to quite yet because their systems have yet to be upgraded to be compatible with Java 6.

 

It's also great to hear that my HJT log didn't show any problems, but when I ran AVG 7.5 last night, it still produced the Trojan.DNSChanger.ih virus. Does that mean that something is still left on my computer? Since when i fixed those registry entries, I went in manually and simply deleted those values from the registry fields.

 

I'm posting the log here. Actually, it's an extremely abbreviated version, because my AVG log keeps on showing hundreds of Tracking Cookie results that are a digit or two off. Does this indicate a problem, at all?

 

 

---------------------------------------------------------

AVG Anti-Spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 5:25:42 PM 8/17/2007

 

+ Scan result:

 

 

 

:mozilla.105:C:\RECYCLER\NPROTECT058556.MOZ -> TrackingCookie.2o7 : Cleaned.

:mozilla.101:C:\RECYCLER\NPROTECT057934.MOZ -> TrackingCookie.Addynamix : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT057851.MOZ -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.101:C:\RECYCLER\NPROTECT057995.MOZ -> TrackingCookie.Advertising : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT055738.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT055745.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT055833.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT056105.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT056295.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT056321.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT056325.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT056105.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT056321.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT056325.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.12:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.12:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.12:C:\RECYCLER\NPROTECT055838.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.12:C:\RECYCLER\NPROTECT055859.MOZ -> TrackingCookie.Advertising : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Atdmt : Error during cleaning.

:mozilla.10:C:\RECYCLER\NPROTECT056781.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT056826.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT056834.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT058432.MOZ -> TrackingCookie.Atdmt : Cleaned.

:mozilla.11:C:\RECYCLER\NPROTECT055745.MOZ -> TrackingCookie.Atdmt : Error during cleaning.

:mozilla.11:C:\RECYCLER\NPROTECT055833.MOZ -> TrackingCookie.Atdmt : Error during cleaning.

:mozilla.106:C:\RECYCLER\NPROTECT058525.MOZ -> TrackingCookie.Burstbeacon : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058516.MOZ -> TrackingCookie.Burstnet : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058519.MOZ -> TrackingCookie.Burstnet : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058478.MOZ -> TrackingCookie.Casalemedia : Cleaned.

:mozilla.13:C:\RECYCLER\NPROTECT058532.MOZ -> TrackingCookie.Cnn : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT056614.MOZ -> TrackingCookie.Coremetrics : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT056632.MOZ -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.12:C:\RECYCLER\NPROTECT058580.MOZ -> TrackingCookie.Esomniture : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058556.MOZ -> TrackingCookie.Fastclick : Cleaned.

:mozilla.102:C:\RECYCLER\NPROTECT058430.MOZ -> TrackingCookie.Liveperson : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058430.MOZ -> TrackingCookie.Overture : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT056445.MOZ -> TrackingCookie.Paypal : Cleaned.

:mozilla.28:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Paypal : Error during cleaning.

:mozilla.28:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Paypal : Error during cleaning.

:mozilla.28:C:\RECYCLER\NPROTECT055738.MOZ -> TrackingCookie.Paypal : Error during cleaning.

:mozilla.28:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Paypal : Error during cleaning.

:mozilla.28:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Paypal : Error during cleaning.

:mozilla.28:C:\RECYCLER\NPROTECT055745.MOZ -> TrackingCookie.Paypal : Error during cleaning.

:mozilla.28:C:\RECYCLER\NPROTECT055833.MOZ -> TrackingCookie.Paypal : Error during cleaning.

:mozilla.100:C:\RECYCLER\NPROTECT058532.MOZ -> TrackingCookie.Pointroll : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT057957.MOZ -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.41:C:\RECYCLER\NPROTECT056053.MOZ -> TrackingCookie.Questionmarket : Error during cleaning.

:mozilla.41:C:\RECYCLER\NPROTECT056094.MOZ -> TrackingCookie.Questionmarket : Error during cleaning.

:mozilla.41:C:\RECYCLER\NPROTECT056097.MOZ -> TrackingCookie.Questionmarket : Error during cleaning.

:mozilla.43:C:\RECYCLER\NPROTECT056975.MOZ -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.43:C:\RECYCLER\NPROTECT056991.MOZ -> TrackingCookie.Questionmarket : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058580.MOZ -> TrackingCookie.Realmedia : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058546.MOZ -> TrackingCookie.Revsci : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058525.MOZ -> TrackingCookie.Specificclick : Cleaned.

:mozilla.109:C:\RECYCLER\NPROTECT058525.MOZ -> TrackingCookie.Statcounter : Cleaned.

:mozilla.10:C:\RECYCLER\NPROTECT058703.MOZ -> TrackingCookie.Tacoda : Cleaned.

:mozilla.106:C:\RECYCLER\NPROTECT057995.MOZ -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.103:C:\RECYCLER\NPROTECT058478.MOZ -> TrackingCookie.Valueclick : Cleaned.

:mozilla.100:C:\RECYCLER\NPROTECT058701.MOZ -> TrackingCookie.Webtrendslive : Cleaned.

:mozilla.41:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.

:mozilla.41:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.

:mozilla.41:C:\RECYCLER\NPROTECT055738.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.

:mozilla.41:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.

:mozilla.41:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.

:mozilla.100:C:\RECYCLER\NPROTECT057934.MOZ -> TrackingCookie.Zedo : Cleaned.

C:\System Volume Information\_restore{084D6A12-E789-4DC9-9269-43F141BC0A1F}\RP350\A0064372.exe -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).

C:\WINDOWS\Temp\kdety.ren -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).

 

 

Thanks very much!

Edited by cappri

Share this post


Link to post
Share on other sites

Clean yor Domains setttings.

 

Download: DelDomains.inf

http://mvps.org/winhelp2002/DelDomains.inf

Right-click on the deldomains.inf file and select 'Install'.

 

Let me know if the problem persists.

 

p.s.

Your Java version is prone to the Vundo infections. Tell the I.T. department.

Share this post


Link to post
Share on other sites

Thank you for your reply and the advice about Java and clearing my domains.

 

I did as you said I should, and I am no longer getting the various IE popups that used to appear.

 

However, my AVG 7.5 and Spybot S&D are still picking up many tracking cookies. AVG 7.5 frequently picks up 3,000+ of them. I know Tracking Cookies are not as direly threatening as many other issues, but is there any way to clean them out?

 

Thank you again!

Share this post


Link to post
Share on other sites

This is a andy tool.

 

Download ATF Cleaner by Atribune from here http://www.atribune.org/content/view/25/1/ and save it to your Desktop.

Follow the instructions for the browser you use.

 

Read the instructions about the cookies. Delete what you do not need.

Double click ATF-Cleaner.exe to run the program.

Check the boxes to the left of:

 

Windows Temp

Current User Temp

All Users Temp

Temporary Internet Files

*Prefetch (Windows XP) only.

Java Cache

 

The rest are optional - if you want to remove the lot, check "Select All".

Finally click Empty Selected. When you get the "Done Cleaning" message, click OK.

 

If you use the Firefox or Opera browsers, you can use this program as a quick way to tidy those up as well.

 

When you have finished, click on the Exit button in the Main menu.

 

For Technical Support, double-click the e-mail address located at the bottom of each menu.

 

* The purpose of Prefetch folder is to increase the speed at which you can access the programs that you use on your PC. Unfortunately, Windows doesn't differentiate between a program you use every day and one you use every blue moon, which means that it may be prefetching a lot of stuff that you rarely use, adding to your startup time.

You may find that the first time you boot up after cleaning out this folder, your PC takes longer to get into gear - the second, and subsequent, boots should be quicker.

Share this post


Link to post
Share on other sites

Hi,

 

So I used the ATF Cleaner, but it seems more like a temporary cleaner than a permanent remover of the Tracking Cookies. When I run the cleaner, it definitely decreases the number of Tracking Cookies that show up, but when I use my browser again, more Tracking Cookie traces are found.

 

Is there a way to permanently remove the Tracking Cookie traces? Or is the presence of Tracking Cookies when I run AVG 7.5 not a big problem?

 

Thank you,

Share this post


Link to post
Share on other sites

Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0